| blob | f8e6cd4ce689e788bbf1d4d89d527b535a464b97 |
1 # $Id: configure.ac,v 1.350 2006/08/18 08:51:20 dtucker Exp $
2 #
3 # Copyright (c) 1999-2004 Damien Miller
4 #
5 # Permission to use, copy, modify, and distribute this software for any
6 # purpose with or without fee is hereby granted, provided that the above
7 # copyright notice and this permission notice appear in all copies.
8 #
9 # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
18 AC_REVISION($Revision: 1.350 $)
19 AC_CONFIG_SRCDIR([ssh.c])
21 AC_CONFIG_HEADER(config.h)
22 AC_PROG_CC
23 AC_CANONICAL_HOST
24 AC_C_BIGENDIAN
26 # Checks for programs.
27 AC_PROG_AWK
28 AC_PROG_CPP
29 AC_PROG_RANLIB
30 AC_PROG_INSTALL
31 AC_PROG_EGREP
32 AC_PATH_PROG(AR, ar)
33 AC_PATH_PROG(CAT, cat)
34 AC_PATH_PROG(KILL, kill)
35 AC_PATH_PROGS(PERL, perl5 perl)
36 AC_PATH_PROG(SED, sed)
37 AC_SUBST(PERL)
38 AC_PATH_PROG(ENT, ent)
39 AC_SUBST(ENT)
40 AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41 AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42 AC_PATH_PROG(TEST_MINUS_S_SH, sh)
43 AC_PATH_PROG(SH, sh)
44 AC_SUBST(TEST_SHELL,sh)
46 dnl for buildpkg.sh
47 AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49 AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51 AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
52 if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54 else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56 fi
58 # System features
59 AC_SYS_LARGEFILE
61 if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63 fi
65 # Use LOGIN_PROGRAM from environment if possible
66 if test ! -z "$LOGIN_PROGRAM" ; then
67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
70 else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76 fi
78 AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79 if test ! -z "$PATH_PASSWD_PROG" ; then
80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
82 fi
84 if test -z "$LD" ; then
85 LD=$CC
86 fi
87 AC_SUBST(LD)
89 AC_C_INLINE
91 AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
93 if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
103 esac
105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
116 fi
118 AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
121 if test "x$withval" = "xno" ; then
122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128 )
130 # Check for some target-specific stuff
131 case "$host" in
132 *-*-aix*)
133 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
134 if (test -z "$blibpath"); then
135 blibpath="/usr/lib:/lib"
136 fi
137 saved_LDFLAGS="$LDFLAGS"
138 if test "$GCC" = "yes"; then
139 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
140 else
141 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
142 fi
143 for tryflags in $flags ;do
144 if (test -z "$blibflags"); then
145 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
146 AC_TRY_LINK([], [], [blibflags=$tryflags])
147 fi
148 done
149 if (test -z "$blibflags"); then
150 AC_MSG_RESULT(not found)
151 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
152 else
153 AC_MSG_RESULT($blibflags)
154 fi
155 LDFLAGS="$saved_LDFLAGS"
156 dnl Check for authenticate. Might be in libs.a on older AIXes
157 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
158 [Define if you want to enable AIX4's authenticate function])],
159 [AC_CHECK_LIB(s,authenticate,
160 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
161 LIBS="$LIBS -ls"
162 ])
163 ])
164 dnl Check for various auth function declarations in headers.
165 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
166 passwdexpired, setauthdb], , , [#include <usersec.h>])
167 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
168 AC_CHECK_DECLS(loginfailed,
169 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
170 AC_TRY_COMPILE(
171 [#include <usersec.h>],
172 [(void)loginfailed("user","host","tty",0);],
173 [AC_MSG_RESULT(yes)
174 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
175 [Define if your AIX loginfailed() function
176 takes 4 arguments (AIX >= 5.2)])],
177 [AC_MSG_RESULT(no)]
178 )],
179 [],
180 [#include <usersec.h>]
181 )
182 AC_CHECK_FUNCS(setauthdb)
183 AC_CHECK_DECL(F_CLOSEM,
184 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
185 [],
186 [ #include <limits.h>
187 #include <fcntl.h> ]
188 )
189 check_for_aix_broken_getaddrinfo=1
190 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
191 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
192 [Define if your platform breaks doing a seteuid before a setuid])
193 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
194 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
195 dnl AIX handles lastlog as part of its login message
196 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
197 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
198 [Some systems need a utmpx entry for /bin/login to work])
199 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
200 [Define to a Set Process Title type if your system is
201 supported by bsd-setproctitle.c])
202 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
203 [AIX 5.2 and 5.3 (and presumably newer) require this])
204 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
205 ;;
206 *-*-cygwin*)
207 check_for_libcrypt_later=1
208 LIBS="$LIBS /usr/lib/textmode.o"
209 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
210 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
211 AC_DEFINE(DISABLE_SHADOW, 1,
212 [Define if you want to disable shadow passwords])
213 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
214 [Define if your system choked on IP TOS setting])
215 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
216 [Define if X11 doesn't support AF_UNIX sockets on that system])
217 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
218 [Define if the concept of ports only accessible to
219 superusers isn't known])
220 AC_DEFINE(DISABLE_FD_PASSING, 1,
221 [Define if your platform needs to skip post auth
222 file descriptor passing])
223 ;;
224 *-*-dgux*)
225 AC_DEFINE(IP_TOS_IS_BROKEN)
226 AC_DEFINE(SETEUID_BREAKS_SETUID)
227 AC_DEFINE(BROKEN_SETREUID)
228 AC_DEFINE(BROKEN_SETREGID)
229 ;;
230 *-*-darwin*)
231 AC_MSG_CHECKING(if we have working getaddrinfo)
232 AC_TRY_RUN([#include <mach-o/dyld.h>
233 main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
234 exit(0);
235 else
236 exit(1);
237 }], [AC_MSG_RESULT(working)],
238 [AC_MSG_RESULT(buggy)
239 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
240 [AC_MSG_RESULT(assume it is working)])
241 AC_DEFINE(SETEUID_BREAKS_SETUID)
242 AC_DEFINE(BROKEN_SETREUID)
243 AC_DEFINE(BROKEN_SETREGID)
244 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
245 [Define if your resolver libs need this for getrrsetbyname])
246 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
247 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
248 [Use tunnel device compatibility to OpenBSD])
249 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
250 [Prepend the address family to IP tunnel traffic])
251 ;;
252 *-*-hpux*)
253 # first we define all of the options common to all HP-UX releases
254 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
255 IPADDR_IN_DISPLAY=yes
256 AC_DEFINE(USE_PIPES)
257 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
258 [Define if your login program cannot handle end of options ("--")])
259 AC_DEFINE(LOGIN_NEEDS_UTMPX)
260 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
261 [String used in /etc/passwd to denote locked account])
262 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
263 MAIL="/var/mail/username"
264 LIBS="$LIBS -lsec"
265 AC_CHECK_LIB(xnet, t_error, ,
266 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
268 # next, we define all of the options specific to major releases
269 case "$host" in
270 *-*-hpux10*)
271 if test -z "$GCC"; then
272 CFLAGS="$CFLAGS -Ae"
273 fi
274 ;;
275 *-*-hpux11*)
276 AC_DEFINE(PAM_SUN_CODEBASE, 1,
277 [Define if you are using Solaris-derived PAM which
278 passes pam_messages to the conversation function
279 with an extra level of indirection])
280 AC_DEFINE(DISABLE_UTMP, 1,
281 [Define if you don't want to use utmp])
282 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
283 check_for_hpux_broken_getaddrinfo=1
284 check_for_conflicting_getspnam=1
285 ;;
286 esac
288 # lastly, we define options specific to minor releases
289 case "$host" in
290 *-*-hpux10.26)
291 AC_DEFINE(HAVE_SECUREWARE, 1,
292 [Define if you have SecureWare-based
293 protected password database])
294 disable_ptmx_check=yes
295 LIBS="$LIBS -lsecpw"
296 ;;
297 esac
298 ;;
299 *-*-irix5*)
300 PATH="$PATH:/usr/etc"
301 AC_DEFINE(BROKEN_INET_NTOA, 1,
302 [Define if you system's inet_ntoa is busted
303 (e.g. Irix gcc issue)])
304 AC_DEFINE(SETEUID_BREAKS_SETUID)
305 AC_DEFINE(BROKEN_SETREUID)
306 AC_DEFINE(BROKEN_SETREGID)
307 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
308 [Define if you shouldn't strip 'tty' from your
309 ttyname in [uw]tmp])
310 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
311 ;;
312 *-*-irix6*)
313 PATH="$PATH:/usr/etc"
314 AC_DEFINE(WITH_IRIX_ARRAY, 1,
315 [Define if you have/want arrays
316 (cluster-wide session managment, not C arrays)])
317 AC_DEFINE(WITH_IRIX_PROJECT, 1,
318 [Define if you want IRIX project management])
319 AC_DEFINE(WITH_IRIX_AUDIT, 1,
320 [Define if you want IRIX audit trails])
321 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
322 [Define if you want IRIX kernel jobs])])
323 AC_DEFINE(BROKEN_INET_NTOA)
324 AC_DEFINE(SETEUID_BREAKS_SETUID)
325 AC_DEFINE(BROKEN_SETREUID)
326 AC_DEFINE(BROKEN_SETREGID)
327 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
328 AC_DEFINE(WITH_ABBREV_NO_TTY)
329 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
330 ;;
331 *-*-linux*)
332 no_dev_ptmx=1
333 check_for_libcrypt_later=1
334 check_for_openpty_ctty_bug=1
335 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
336 AC_DEFINE(PAM_TTY_KLUDGE, 1,
337 [Work around problematic Linux PAM modules handling of PAM_TTY])
338 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
339 [String used in /etc/passwd to denote locked account])
340 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
341 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
342 [Define to whatever link() returns for "not supported"
343 if it doesn't return EOPNOTSUPP.])
344 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
345 AC_DEFINE(USE_BTMP)
346 inet6_default_4in6=yes
347 case `uname -r` in
348 1.*|2.0.*)
349 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
350 [Define if cmsg_type is not passed correctly])
351 ;;
352 esac
353 # tun(4) forwarding compat code
354 AC_CHECK_HEADERS(linux/if_tun.h)
355 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
356 AC_DEFINE(SSH_TUN_LINUX, 1,
357 [Open tunnel devices the Linux tun/tap way])
358 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
359 [Use tunnel device compatibility to OpenBSD])
360 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
361 [Prepend the address family to IP tunnel traffic])
362 fi
363 ;;
364 mips-sony-bsd|mips-sony-newsos4)
365 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
366 SONY=1
367 ;;
368 *-*-netbsd*)
369 check_for_libcrypt_before=1
370 if test "x$withval" != "xno" ; then
371 need_dash_r=1
372 fi
373 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
374 AC_CHECK_HEADER([net/if_tap.h], ,
375 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
376 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
377 [Prepend the address family to IP tunnel traffic])
378 ;;
379 *-*-freebsd*)
380 check_for_libcrypt_later=1
381 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
382 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
383 AC_CHECK_HEADER([net/if_tap.h], ,
384 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
385 ;;
386 *-*-bsdi*)
387 AC_DEFINE(SETEUID_BREAKS_SETUID)
388 AC_DEFINE(BROKEN_SETREUID)
389 AC_DEFINE(BROKEN_SETREGID)
390 ;;
391 *-next-*)
392 conf_lastlog_location="/usr/adm/lastlog"
393 conf_utmp_location=/etc/utmp
394 conf_wtmp_location=/usr/adm/wtmp
395 MAIL=/usr/spool/mail
396 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
397 AC_DEFINE(BROKEN_REALPATH)
398 AC_DEFINE(USE_PIPES)
399 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
400 ;;
401 *-*-openbsd*)
402 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
403 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
404 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
405 ;;
406 *-*-solaris*)
407 if test "x$withval" != "xno" ; then
408 need_dash_r=1
409 fi
410 AC_DEFINE(PAM_SUN_CODEBASE)
411 AC_DEFINE(LOGIN_NEEDS_UTMPX)
412 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
413 [Some versions of /bin/login need the TERM supplied
414 on the commandline])
415 AC_DEFINE(PAM_TTY_KLUDGE)
416 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
417 [Define if pam_chauthtok wants real uid set
418 to the unpriv'ed user])
419 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
420 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
421 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
422 [Define if sshd somehow reacquires a controlling TTY
423 after setsid()])
424 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
425 in case the name is longer than 8 chars])
426 external_path_file=/etc/default/login
427 # hardwire lastlog location (can't detect it on some versions)
428 conf_lastlog_location="/var/adm/lastlog"
429 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
430 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
431 if test "$sol2ver" -ge 8; then
432 AC_MSG_RESULT(yes)
433 AC_DEFINE(DISABLE_UTMP)
434 AC_DEFINE(DISABLE_WTMP, 1,
435 [Define if you don't want to use wtmp])
436 else
437 AC_MSG_RESULT(no)
438 fi
439 ;;
440 *-*-sunos4*)
441 CPPFLAGS="$CPPFLAGS -DSUNOS4"
442 AC_CHECK_FUNCS(getpwanam)
443 AC_DEFINE(PAM_SUN_CODEBASE)
444 conf_utmp_location=/etc/utmp
445 conf_wtmp_location=/var/adm/wtmp
446 conf_lastlog_location=/var/adm/lastlog
447 AC_DEFINE(USE_PIPES)
448 ;;
449 *-ncr-sysv*)
450 LIBS="$LIBS -lc89"
451 AC_DEFINE(USE_PIPES)
452 AC_DEFINE(SSHD_ACQUIRES_CTTY)
453 AC_DEFINE(SETEUID_BREAKS_SETUID)
454 AC_DEFINE(BROKEN_SETREUID)
455 AC_DEFINE(BROKEN_SETREGID)
456 ;;
457 *-sni-sysv*)
458 # /usr/ucblib MUST NOT be searched on ReliantUNIX
459 AC_CHECK_LIB(dl, dlsym, ,)
460 # -lresolv needs to be at the end of LIBS or DNS lookups break
461 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
462 IPADDR_IN_DISPLAY=yes
463 AC_DEFINE(USE_PIPES)
464 AC_DEFINE(IP_TOS_IS_BROKEN)
465 AC_DEFINE(SETEUID_BREAKS_SETUID)
466 AC_DEFINE(BROKEN_SETREUID)
467 AC_DEFINE(BROKEN_SETREGID)
468 AC_DEFINE(SSHD_ACQUIRES_CTTY)
469 external_path_file=/etc/default/login
470 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
471 # Attention: always take care to bind libsocket and libnsl before libc,
472 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
473 ;;
474 # UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
475 *-*-sysv4.2*)
476 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
477 AC_DEFINE(USE_PIPES)
478 AC_DEFINE(SETEUID_BREAKS_SETUID)
479 AC_DEFINE(BROKEN_SETREUID)
480 AC_DEFINE(BROKEN_SETREGID)
481 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
482 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
483 ;;
484 # UnixWare 7.x, OpenUNIX 8
485 *-*-sysv5*)
486 check_for_libcrypt_later=1
487 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
488 AC_DEFINE(USE_PIPES)
489 AC_DEFINE(SETEUID_BREAKS_SETUID)
490 AC_DEFINE(BROKEN_SETREUID)
491 AC_DEFINE(BROKEN_SETREGID)
492 AC_DEFINE(PASSWD_NEEDS_USERNAME)
493 case "$host" in
494 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
495 TEST_SHELL=/u95/bin/sh
496 AC_DEFINE(BROKEN_LIBIAF, 1,
497 [ia_uinfo routines not supported by OS yet])
498 ;;
499 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
500 ;;
501 esac
502 ;;
503 *-*-sysv*)
504 ;;
505 # SCO UNIX and OEM versions of SCO UNIX
506 *-*-sco3.2v4*)
507 AC_MSG_ERROR("This Platform is no longer supported.")
508 ;;
509 # SCO OpenServer 5.x
510 *-*-sco3.2v5*)
511 if test -z "$GCC"; then
512 CFLAGS="$CFLAGS -belf"
513 fi
514 LIBS="$LIBS -lprot -lx -ltinfo -lm"
515 no_dev_ptmx=1
516 AC_DEFINE(USE_PIPES)
517 AC_DEFINE(HAVE_SECUREWARE)
518 AC_DEFINE(DISABLE_SHADOW)
519 AC_DEFINE(DISABLE_FD_PASSING)
520 AC_DEFINE(SETEUID_BREAKS_SETUID)
521 AC_DEFINE(BROKEN_SETREUID)
522 AC_DEFINE(BROKEN_SETREGID)
523 AC_DEFINE(WITH_ABBREV_NO_TTY)
524 AC_DEFINE(BROKEN_UPDWTMPX)
525 AC_DEFINE(PASSWD_NEEDS_USERNAME)
526 AC_CHECK_FUNCS(getluid setluid)
527 MANTYPE=man
528 TEST_SHELL=ksh
529 ;;
530 *-*-unicosmk*)
531 AC_DEFINE(NO_SSH_LASTLOG, 1,
532 [Define if you don't want to use lastlog in session.c])
533 AC_DEFINE(SETEUID_BREAKS_SETUID)
534 AC_DEFINE(BROKEN_SETREUID)
535 AC_DEFINE(BROKEN_SETREGID)
536 AC_DEFINE(USE_PIPES)
537 AC_DEFINE(DISABLE_FD_PASSING)
538 LDFLAGS="$LDFLAGS"
539 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
540 MANTYPE=cat
541 ;;
542 *-*-unicosmp*)
543 AC_DEFINE(SETEUID_BREAKS_SETUID)
544 AC_DEFINE(BROKEN_SETREUID)
545 AC_DEFINE(BROKEN_SETREGID)
546 AC_DEFINE(WITH_ABBREV_NO_TTY)
547 AC_DEFINE(USE_PIPES)
548 AC_DEFINE(DISABLE_FD_PASSING)
549 LDFLAGS="$LDFLAGS"
550 LIBS="$LIBS -lgen -lacid -ldb"
551 MANTYPE=cat
552 ;;
553 *-*-unicos*)
554 AC_DEFINE(SETEUID_BREAKS_SETUID)
555 AC_DEFINE(BROKEN_SETREUID)
556 AC_DEFINE(BROKEN_SETREGID)
557 AC_DEFINE(USE_PIPES)
558 AC_DEFINE(DISABLE_FD_PASSING)
559 AC_DEFINE(NO_SSH_LASTLOG)
560 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
561 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
562 MANTYPE=cat
563 ;;
564 *-dec-osf*)
565 AC_MSG_CHECKING(for Digital Unix SIA)
566 no_osfsia=""
567 AC_ARG_WITH(osfsia,
568 [ --with-osfsia Enable Digital Unix SIA],
569 [
570 if test "x$withval" = "xno" ; then
571 AC_MSG_RESULT(disabled)
572 no_osfsia=1
573 fi
574 ],
575 )
576 if test -z "$no_osfsia" ; then
577 if test -f /etc/sia/matrix.conf; then
578 AC_MSG_RESULT(yes)
579 AC_DEFINE(HAVE_OSF_SIA, 1,
580 [Define if you have Digital Unix Security
581 Integration Architecture])
582 AC_DEFINE(DISABLE_LOGIN, 1,
583 [Define if you don't want to use your
584 system's login() call])
585 AC_DEFINE(DISABLE_FD_PASSING)
586 LIBS="$LIBS -lsecurity -ldb -lm -laud"
587 else
588 AC_MSG_RESULT(no)
589 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
590 [String used in /etc/passwd to denote locked account])
591 fi
592 fi
593 AC_DEFINE(BROKEN_GETADDRINFO)
594 AC_DEFINE(SETEUID_BREAKS_SETUID)
595 AC_DEFINE(BROKEN_SETREUID)
596 AC_DEFINE(BROKEN_SETREGID)
597 ;;
599 *-*-nto-qnx*)
600 AC_DEFINE(USE_PIPES)
601 AC_DEFINE(NO_X11_UNIX_SOCKETS)
602 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
603 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
604 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
605 AC_DEFINE(DISABLE_LASTLOG)
606 AC_DEFINE(SSHD_ACQUIRES_CTTY)
607 enable_etc_default_login=no # has incompatible /etc/default/login
608 ;;
610 *-*-ultrix*)
611 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
612 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
613 AC_DEFINE(NEED_SETPGRP)
614 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
615 ;;
617 *-*-lynxos)
618 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
619 AC_DEFINE(MISSING_HOWMANY)
620 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
621 ;;
622 esac
624 # Allow user to specify flags
625 AC_ARG_WITH(cflags,
626 [ --with-cflags Specify additional flags to pass to compiler],
627 [
628 if test -n "$withval" && test "x$withval" != "xno" && \
629 test "x${withval}" != "xyes"; then
630 CFLAGS="$CFLAGS $withval"
631 fi
632 ]
633 )
634 AC_ARG_WITH(cppflags,
635 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
636 [
637 if test -n "$withval" && test "x$withval" != "xno" && \
638 test "x${withval}" != "xyes"; then
639 CPPFLAGS="$CPPFLAGS $withval"
640 fi
641 ]
642 )
643 AC_ARG_WITH(ldflags,
644 [ --with-ldflags Specify additional flags to pass to linker],
645 [
646 if test -n "$withval" && test "x$withval" != "xno" && \
647 test "x${withval}" != "xyes"; then
648 LDFLAGS="$LDFLAGS $withval"
649 fi
650 ]
651 )
652 AC_ARG_WITH(libs,
653 [ --with-libs Specify additional libraries to link with],
654 [
655 if test -n "$withval" && test "x$withval" != "xno" && \
656 test "x${withval}" != "xyes"; then
657 LIBS="$LIBS $withval"
658 fi
659 ]
660 )
661 AC_ARG_WITH(Werror,
662 [ --with-Werror Build main code with -Werror],
663 [
664 if test -n "$withval" && test "x$withval" != "xno"; then
665 werror_flags="-Werror"
666 if test "x${withval}" != "xyes"; then
667 werror_flags="$withval"
668 fi
669 fi
670 ]
671 )
673 AC_MSG_CHECKING(compiler and flags for sanity)
674 AC_RUN_IFELSE(
675 [AC_LANG_SOURCE([
676 #include <stdio.h>
677 int main(){exit(0);}
678 ])],
679 [ AC_MSG_RESULT(yes) ],
680 [
681 AC_MSG_RESULT(no)
682 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
683 ],
684 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
685 )
687 dnl Checks for header files.
688 AC_CHECK_HEADERS( \
689 bstring.h \
690 crypt.h \
691 crypto/sha2.h \
692 dirent.h \
693 endian.h \
694 features.h \
695 fcntl.h \
696 floatingpoint.h \
697 getopt.h \
698 glob.h \
699 ia.h \
700 iaf.h \
701 limits.h \
702 login.h \
703 maillock.h \
704 ndir.h \
705 net/if_tun.h \
706 netdb.h \
707 netgroup.h \
708 pam/pam_appl.h \
709 paths.h \
710 pty.h \
711 readpassphrase.h \
712 rpc/types.h \
713 security/pam_appl.h \
714 sha2.h \
715 shadow.h \
716 stddef.h \
717 stdint.h \
718 string.h \
719 strings.h \
720 sys/audit.h \
721 sys/bitypes.h \
722 sys/bsdtty.h \
723 sys/cdefs.h \
724 sys/dir.h \
725 sys/mman.h \
726 sys/ndir.h \
727 sys/prctl.h \
728 sys/pstat.h \
729 sys/select.h \
730 sys/stat.h \
731 sys/stream.h \
732 sys/stropts.h \
733 sys/strtio.h \
734 sys/sysmacros.h \
735 sys/time.h \
736 sys/timers.h \
737 sys/un.h \
738 time.h \
739 tmpdir.h \
740 ttyent.h \
741 unistd.h \
742 usersec.h \
743 util.h \
744 utime.h \
745 utmp.h \
746 utmpx.h \
747 vis.h \
748 )
750 # lastlog.h requires sys/time.h to be included first on Solaris
751 AC_CHECK_HEADERS(lastlog.h, [], [], [
752 #ifdef HAVE_SYS_TIME_H
753 # include <sys/time.h>
754 #endif
755 ])
757 # sys/ptms.h requires sys/stream.h to be included first on Solaris
758 AC_CHECK_HEADERS(sys/ptms.h, [], [], [
759 #ifdef HAVE_SYS_STREAM_H
760 # include <sys/stream.h>
761 #endif
762 ])
764 # login_cap.h requires sys/types.h on NetBSD
765 AC_CHECK_HEADERS(login_cap.h, [], [], [
766 #include <sys/types.h>
767 ])
769 # Checks for libraries.
770 AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
771 AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
773 dnl IRIX and Solaris 2.5.1 have dirname() in libgen
774 AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
775 AC_CHECK_LIB(gen, dirname,[
776 AC_CACHE_CHECK([for broken dirname],
777 ac_cv_have_broken_dirname, [
778 save_LIBS="$LIBS"
779 LIBS="$LIBS -lgen"
780 AC_RUN_IFELSE(
781 [AC_LANG_SOURCE([[
782 #include <libgen.h>
783 #include <string.h>
785 int main(int argc, char **argv) {
786 char *s, buf[32];
788 strncpy(buf,"/etc", 32);
789 s = dirname(buf);
790 if (!s || strncmp(s, "/", 32) != 0) {
791 exit(1);
792 } else {
793 exit(0);
794 }
795 }
796 ]])],
797 [ ac_cv_have_broken_dirname="no" ],
798 [ ac_cv_have_broken_dirname="yes" ],
799 [ ac_cv_have_broken_dirname="no" ],
800 )
801 LIBS="$save_LIBS"
802 ])
803 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
804 LIBS="$LIBS -lgen"
805 AC_DEFINE(HAVE_DIRNAME)
806 AC_CHECK_HEADERS(libgen.h)
807 fi
808 ])
809 ])
811 AC_CHECK_FUNC(getspnam, ,
812 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
813 AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
814 [Define if you have the basename function.]))
816 dnl zlib is required
817 AC_ARG_WITH(zlib,
818 [ --with-zlib=PATH Use zlib in PATH],
819 [ if test "x$withval" = "xno" ; then
820 AC_MSG_ERROR([*** zlib is required ***])
821 elif test "x$withval" != "xyes"; then
822 if test -d "$withval/lib"; then
823 if test -n "${need_dash_r}"; then
824 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
825 else
826 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
827 fi
828 else
829 if test -n "${need_dash_r}"; then
830 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
831 else
832 LDFLAGS="-L${withval} ${LDFLAGS}"
833 fi
834 fi
835 if test -d "$withval/include"; then
836 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
837 else
838 CPPFLAGS="-I${withval} ${CPPFLAGS}"
839 fi
840 fi ]
841 )
843 AC_CHECK_LIB(z, deflate, ,
844 [
845 saved_CPPFLAGS="$CPPFLAGS"
846 saved_LDFLAGS="$LDFLAGS"
847 save_LIBS="$LIBS"
848 dnl Check default zlib install dir
849 if test -n "${need_dash_r}"; then
850 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
851 else
852 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
853 fi
854 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
855 LIBS="$LIBS -lz"
856 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
857 [
858 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
859 ]
860 )
861 ]
862 )
863 AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
865 AC_ARG_WITH(zlib-version-check,
866 [ --without-zlib-version-check Disable zlib version check],
867 [ if test "x$withval" = "xno" ; then
868 zlib_check_nonfatal=1
869 fi
870 ]
871 )
873 AC_MSG_CHECKING(for possibly buggy zlib)
874 AC_RUN_IFELSE([AC_LANG_SOURCE([[
875 #include <stdio.h>
876 #include <zlib.h>
877 int main()
878 {
879 int a=0, b=0, c=0, d=0, n, v;
880 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
881 if (n != 3 && n != 4)
882 exit(1);
883 v = a*1000000 + b*10000 + c*100 + d;
884 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
886 /* 1.1.4 is OK */
887 if (a == 1 && b == 1 && c >= 4)
888 exit(0);
890 /* 1.2.3 and up are OK */
891 if (v >= 1020300)
892 exit(0);
894 exit(2);
895 }
896 ]])],
897 AC_MSG_RESULT(no),
898 [ AC_MSG_RESULT(yes)
899 if test -z "$zlib_check_nonfatal" ; then
900 AC_MSG_ERROR([*** zlib too old - check config.log ***
901 Your reported zlib version has known security problems. It's possible your
902 vendor has fixed these problems without changing the version number. If you
903 are sure this is the case, you can disable the check by running
904 "./configure --without-zlib-version-check".
905 If you are in doubt, upgrade zlib to version 1.2.3 or greater.
906 See http://www.gzip.org/zlib/ for details.])
907 else
908 AC_MSG_WARN([zlib version may have security problems])
909 fi
910 ],
911 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
912 )
914 dnl UnixWare 2.x
915 AC_CHECK_FUNC(strcasecmp,
916 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
917 )
918 AC_CHECK_FUNCS(utimes,
919 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
920 LIBS="$LIBS -lc89"]) ]
921 )
923 dnl Checks for libutil functions
924 AC_CHECK_HEADERS(libutil.h)
925 AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
926 [Define if your libraries define login()])])
927 AC_CHECK_FUNCS(logout updwtmp logwtmp)
929 AC_FUNC_STRFTIME
931 # Check for ALTDIRFUNC glob() extension
932 AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
933 AC_EGREP_CPP(FOUNDIT,
934 [
935 #include <glob.h>
936 #ifdef GLOB_ALTDIRFUNC
937 FOUNDIT
938 #endif
939 ],
940 [
941 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
942 [Define if your system glob() function has
943 the GLOB_ALTDIRFUNC extension])
944 AC_MSG_RESULT(yes)
945 ],
946 [
947 AC_MSG_RESULT(no)
948 ]
949 )
951 # Check for g.gl_matchc glob() extension
952 AC_MSG_CHECKING(for gl_matchc field in glob_t)
953 AC_TRY_COMPILE(
954 [ #include <glob.h> ],
955 [glob_t g; g.gl_matchc = 1;],
956 [
957 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
958 [Define if your system glob() function has
959 gl_matchc options in glob_t])
960 AC_MSG_RESULT(yes)
961 ],
962 [
963 AC_MSG_RESULT(no)
964 ]
965 )
967 AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
968 AC_RUN_IFELSE(
969 [AC_LANG_SOURCE([[
970 #include <sys/types.h>
971 #include <dirent.h>
972 int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
973 ]])],
974 [AC_MSG_RESULT(yes)],
975 [
976 AC_MSG_RESULT(no)
977 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
978 [Define if your struct dirent expects you to
979 allocate extra space for d_name])
980 ],
981 [
982 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
983 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
984 ]
985 )
987 AC_MSG_CHECKING([for /proc/pid/fd directory])
988 if test -d "/proc/$$/fd" ; then
989 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
990 AC_MSG_RESULT(yes)
991 else
992 AC_MSG_RESULT(no)
993 fi
995 # Check whether user wants S/Key support
996 SKEY_MSG="no"
997 AC_ARG_WITH(skey,
998 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
999 [
1000 if test "x$withval" != "xno" ; then
1002 if test "x$withval" != "xyes" ; then
1003 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1004 LDFLAGS="$LDFLAGS -L${withval}/lib"
1005 fi
1007 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
1008 LIBS="-lskey $LIBS"
1009 SKEY_MSG="yes"
1011 AC_MSG_CHECKING([for s/key support])
1012 AC_LINK_IFELSE(
1013 [AC_LANG_SOURCE([[
1014 #include <stdio.h>
1015 #include <skey.h>
1016 int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
1017 ]])],
1018 [AC_MSG_RESULT(yes)],
1019 [
1020 AC_MSG_RESULT(no)
1021 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1022 ])
1023 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1024 AC_TRY_COMPILE(
1025 [#include <stdio.h>
1026 #include <skey.h>],
1027 [(void)skeychallenge(NULL,"name","",0);],
1028 [AC_MSG_RESULT(yes)
1029 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1030 [Define if your skeychallenge()
1031 function takes 4 arguments (NetBSD)])],
1032 [AC_MSG_RESULT(no)]
1033 )
1034 fi
1035 ]
1036 )
1038 # Check whether user wants TCP wrappers support
1039 TCPW_MSG="no"
1040 AC_ARG_WITH(tcp-wrappers,
1041 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
1042 [
1043 if test "x$withval" != "xno" ; then
1044 saved_LIBS="$LIBS"
1045 saved_LDFLAGS="$LDFLAGS"
1046 saved_CPPFLAGS="$CPPFLAGS"
1047 if test -n "${withval}" && \
1048 test "x${withval}" != "xyes"; then
1049 if test -d "${withval}/lib"; then
1050 if test -n "${need_dash_r}"; then
1051 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1052 else
1053 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1054 fi
1055 else
1056 if test -n "${need_dash_r}"; then
1057 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1058 else
1059 LDFLAGS="-L${withval} ${LDFLAGS}"
1060 fi
1061 fi
1062 if test -d "${withval}/include"; then
1063 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1064 else
1065 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1066 fi
1067 fi
1068 LIBWRAP="-lwrap"
1069 LIBS="$LIBWRAP $LIBS"
1070 AC_MSG_CHECKING(for libwrap)
1071 AC_TRY_LINK(
1072 [
1073 #include <sys/types.h>
1074 #include <sys/socket.h>
1075 #include <netinet/in.h>
1076 #include <tcpd.h>
1077 int deny_severity = 0, allow_severity = 0;
1078 ],
1079 [hosts_access(0);],
1080 [
1081 AC_MSG_RESULT(yes)
1082 AC_DEFINE(LIBWRAP, 1,
1083 [Define if you want
1084 TCP Wrappers support])
1085 AC_SUBST(LIBWRAP)
1086 TCPW_MSG="yes"
1087 ],
1088 [
1089 AC_MSG_ERROR([*** libwrap missing])
1090 ]
1091 )
1092 LIBS="$saved_LIBS"
1093 fi
1094 ]
1095 )
1097 # Check whether user wants libedit support
1098 LIBEDIT_MSG="no"
1099 AC_ARG_WITH(libedit,
1100 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1101 [ if test "x$withval" != "xno" ; then
1102 if test "x$withval" != "xyes"; then
1103 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1104 if test -n "${need_dash_r}"; then
1105 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1106 else
1107 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1108 fi
1109 fi
1110 AC_CHECK_LIB(edit, el_init,
1111 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
1112 LIBEDIT="-ledit -lcurses"
1113 LIBEDIT_MSG="yes"
1114 AC_SUBST(LIBEDIT)
1115 ],
1116 [ AC_MSG_ERROR(libedit not found) ],
1117 [ -lcurses ]
1118 )
1119 AC_MSG_CHECKING(if libedit version is compatible)
1120 AC_COMPILE_IFELSE(
1121 [AC_LANG_SOURCE([[
1122 #include <histedit.h>
1123 int main(void)
1124 {
1125 int i = H_SETSIZE;
1126 el_init("", NULL, NULL, NULL);
1127 exit(0);
1128 }
1129 ]])],
1130 [ AC_MSG_RESULT(yes) ],
1131 [ AC_MSG_RESULT(no)
1132 AC_MSG_ERROR(libedit version is not compatible) ]
1133 )
1134 fi ]
1135 )
1137 AUDIT_MODULE=none
1138 AC_ARG_WITH(audit,
1139 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1140 [
1141 AC_MSG_CHECKING(for supported audit module)
1142 case "$withval" in
1143 bsm)
1144 AC_MSG_RESULT(bsm)
1145 AUDIT_MODULE=bsm
1146 dnl Checks for headers, libs and functions
1147 AC_CHECK_HEADERS(bsm/audit.h, [],
1148 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1149 AC_CHECK_LIB(bsm, getaudit, [],
1150 [AC_MSG_ERROR(BSM enabled and required library not found)])
1151 AC_CHECK_FUNCS(getaudit, [],
1152 [AC_MSG_ERROR(BSM enabled and required function not found)])
1153 # These are optional
1154 AC_CHECK_FUNCS(getaudit_addr)
1155 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
1156 ;;
1157 debug)
1158 AUDIT_MODULE=debug
1159 AC_MSG_RESULT(debug)
1160 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
1161 ;;
1162 no)
1163 AC_MSG_RESULT(no)
1164 ;;
1165 *)
1166 AC_MSG_ERROR([Unknown audit module $withval])
1167 ;;
1168 esac ]
1169 )
1171 dnl Checks for library functions. Please keep in alphabetical order
1172 AC_CHECK_FUNCS( \
1173 arc4random \
1174 asprintf \
1175 b64_ntop \
1176 __b64_ntop \
1177 b64_pton \
1178 __b64_pton \
1179 bcopy \
1180 bindresvport_sa \
1181 clock \
1182 closefrom \
1183 dirfd \
1184 fchmod \
1185 fchown \
1186 freeaddrinfo \
1187 futimes \
1188 getaddrinfo \
1189 getcwd \
1190 getgrouplist \
1191 getnameinfo \
1192 getopt \
1193 getpeereid \
1194 _getpty \
1195 getrlimit \
1196 getttyent \
1197 glob \
1198 inet_aton \
1199 inet_ntoa \
1200 inet_ntop \
1201 innetgr \
1202 login_getcapbool \
1203 md5_crypt \
1204 memmove \
1205 mkdtemp \
1206 mmap \
1207 ngetaddrinfo \
1208 nsleep \
1209 ogetaddrinfo \
1210 openlog_r \
1211 openpty \
1212 prctl \
1213 pstat \
1214 readpassphrase \
1215 realpath \
1216 recvmsg \
1217 rresvport_af \
1218 sendmsg \
1219 setdtablesize \
1220 setegid \
1221 setenv \
1222 seteuid \
1223 setgroups \
1224 setlogin \
1225 setpcred \
1226 setproctitle \
1227 setregid \
1228 setreuid \
1229 setrlimit \
1230 setsid \
1231 setvbuf \
1232 sigaction \
1233 sigvec \
1234 snprintf \
1235 socketpair \
1236 strdup \
1237 strerror \
1238 strlcat \
1239 strlcpy \
1240 strmode \
1241 strnvis \
1242 strtonum \
1243 strtoll \
1244 strtoul \
1245 sysconf \
1246 tcgetpgrp \
1247 truncate \
1248 unsetenv \
1249 updwtmpx \
1250 vasprintf \
1251 vhangup \
1252 vsnprintf \
1253 waitpid \
1254 )
1256 # IRIX has a const char return value for gai_strerror()
1257 AC_CHECK_FUNCS(gai_strerror,[
1258 AC_DEFINE(HAVE_GAI_STRERROR)
1259 AC_TRY_COMPILE([
1260 #include <sys/types.h>
1261 #include <sys/socket.h>
1262 #include <netdb.h>
1264 const char *gai_strerror(int);],[
1265 char *str;
1267 str = gai_strerror(0);],[
1268 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1269 [Define if gai_strerror() returns const char *])])])
1271 AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1272 [Some systems put nanosleep outside of libc]))
1274 dnl Make sure prototypes are defined for these before using them.
1275 AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
1276 AC_CHECK_DECL(strsep,
1277 [AC_CHECK_FUNCS(strsep)],
1278 [],
1279 [
1280 #ifdef HAVE_STRING_H
1281 # include <string.h>
1282 #endif
1283 ])
1285 dnl tcsendbreak might be a macro
1286 AC_CHECK_DECL(tcsendbreak,
1287 [AC_DEFINE(HAVE_TCSENDBREAK)],
1288 [AC_CHECK_FUNCS(tcsendbreak)],
1289 [#include <termios.h>]
1290 )
1292 AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1294 AC_CHECK_DECLS(SHUT_RD, , ,
1295 [
1296 #include <sys/types.h>
1297 #include <sys/socket.h>
1298 ])
1300 AC_CHECK_DECLS(O_NONBLOCK, , ,
1301 [
1302 #include <sys/types.h>
1303 #ifdef HAVE_SYS_STAT_H
1304 # include <sys/stat.h>
1305 #endif
1306 #ifdef HAVE_FCNTL_H
1307 # include <fcntl.h>
1308 #endif
1309 ])
1311 AC_CHECK_FUNCS(setresuid, [
1312 dnl Some platorms have setresuid that isn't implemented, test for this
1313 AC_MSG_CHECKING(if setresuid seems to work)
1314 AC_RUN_IFELSE(
1315 [AC_LANG_SOURCE([[
1316 #include <stdlib.h>
1317 #include <errno.h>
1318 int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
1319 ]])],
1320 [AC_MSG_RESULT(yes)],
1321 [AC_DEFINE(BROKEN_SETRESUID, 1,
1322 [Define if your setresuid() is broken])
1323 AC_MSG_RESULT(not implemented)],
1324 [AC_MSG_WARN([cross compiling: not checking setresuid])]
1325 )
1326 ])
1328 AC_CHECK_FUNCS(setresgid, [
1329 dnl Some platorms have setresgid that isn't implemented, test for this
1330 AC_MSG_CHECKING(if setresgid seems to work)
1331 AC_RUN_IFELSE(
1332 [AC_LANG_SOURCE([[
1333 #include <stdlib.h>
1334 #include <errno.h>
1335 int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
1336 ]])],
1337 [AC_MSG_RESULT(yes)],
1338 [AC_DEFINE(BROKEN_SETRESGID, 1,
1339 [Define if your setresgid() is broken])
1340 AC_MSG_RESULT(not implemented)],
1341 [AC_MSG_WARN([cross compiling: not checking setresuid])]
1342 )
1343 ])
1345 dnl Checks for time functions
1346 AC_CHECK_FUNCS(gettimeofday time)
1347 dnl Checks for utmp functions
1348 AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1349 AC_CHECK_FUNCS(utmpname)
1350 dnl Checks for utmpx functions
1351 AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1352 AC_CHECK_FUNCS(setutxent utmpxname)
1354 AC_CHECK_FUNC(daemon,
1355 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1356 [AC_CHECK_LIB(bsd, daemon,
1357 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
1358 )
1360 AC_CHECK_FUNC(getpagesize,
1361 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1362 [Define if your libraries define getpagesize()])],
1363 [AC_CHECK_LIB(ucb, getpagesize,
1364 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
1365 )
1367 # Check for broken snprintf
1368 if test "x$ac_cv_func_snprintf" = "xyes" ; then
1369 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1370 AC_RUN_IFELSE(
1371 [AC_LANG_SOURCE([[
1372 #include <stdio.h>
1373 int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
1374 ]])],
1375 [AC_MSG_RESULT(yes)],
1376 [
1377 AC_MSG_RESULT(no)
1378 AC_DEFINE(BROKEN_SNPRINTF, 1,
1379 [Define if your snprintf is busted])
1380 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1381 ],
1382 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
1383 )
1384 fi
1386 # If we don't have a working asprintf, then we strongly depend on vsnprintf
1387 # returning the right thing on overflow: the number of characters it tried to
1388 # create (as per SUSv3)
1389 if test "x$ac_cv_func_asprintf" != "xyes" && \
1390 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1391 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1392 AC_RUN_IFELSE(
1393 [AC_LANG_SOURCE([[
1394 #include <sys/types.h>
1395 #include <stdio.h>
1396 #include <stdarg.h>
1398 int x_snprintf(char *str,size_t count,const char *fmt,...)
1399 {
1400 size_t ret; va_list ap;
1401 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1402 return ret;
1403 }
1404 int main(void)
1405 {
1406 char x[1];
1407 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1408 } ]])],
1409 [AC_MSG_RESULT(yes)],
1410 [
1411 AC_MSG_RESULT(no)
1412 AC_DEFINE(BROKEN_SNPRINTF, 1,
1413 [Define if your snprintf is busted])
1414 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1415 ],
1416 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1417 )
1418 fi
1420 # On systems where [v]snprintf is broken, but is declared in stdio,
1421 # check that the fmt argument is const char * or just char *.
1422 # This is only useful for when BROKEN_SNPRINTF
1423 AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1424 AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1425 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1426 int main(void) { snprintf(0, 0, 0); }
1427 ]])],
1428 [AC_MSG_RESULT(yes)
1429 AC_DEFINE(SNPRINTF_CONST, [const],
1430 [Define as const if snprintf() can declare const char *fmt])],
1431 [AC_MSG_RESULT(no)
1432 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1434 # Check for missing getpeereid (or equiv) support
1435 NO_PEERCHECK=""
1436 if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1437 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1438 AC_TRY_COMPILE(
1439 [#include <sys/types.h>
1440 #include <sys/socket.h>],
1441 [int i = SO_PEERCRED;],
1442 [ AC_MSG_RESULT(yes)
1443 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
1444 ],
1445 [AC_MSG_RESULT(no)
1446 NO_PEERCHECK=1]
1447 )
1448 fi
1450 dnl see whether mkstemp() requires XXXXXX
1451 if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1452 AC_MSG_CHECKING([for (overly) strict mkstemp])
1453 AC_RUN_IFELSE(
1454 [AC_LANG_SOURCE([[
1455 #include <stdlib.h>
1456 main() { char template[]="conftest.mkstemp-test";
1457 if (mkstemp(template) == -1)
1458 exit(1);
1459 unlink(template); exit(0);
1460 }
1461 ]])],
1462 [
1463 AC_MSG_RESULT(no)
1464 ],
1465 [
1466 AC_MSG_RESULT(yes)
1467 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
1468 ],
1469 [
1470 AC_MSG_RESULT(yes)
1471 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1472 ]
1473 )
1474 fi
1476 dnl make sure that openpty does not reacquire controlling terminal
1477 if test ! -z "$check_for_openpty_ctty_bug"; then
1478 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1479 AC_RUN_IFELSE(
1480 [AC_LANG_SOURCE([[
1481 #include <stdio.h>
1482 #include <sys/fcntl.h>
1483 #include <sys/types.h>
1484 #include <sys/wait.h>
1486 int
1487 main()
1488 {
1489 pid_t pid;
1490 int fd, ptyfd, ttyfd, status;
1492 pid = fork();
1493 if (pid < 0) { /* failed */
1494 exit(1);
1495 } else if (pid > 0) { /* parent */
1496 waitpid(pid, &status, 0);
1497 if (WIFEXITED(status))
1498 exit(WEXITSTATUS(status));
1499 else
1500 exit(2);
1501 } else { /* child */
1502 close(0); close(1); close(2);
1503 setsid();
1504 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1505 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1506 if (fd >= 0)
1507 exit(3); /* Acquired ctty: broken */
1508 else
1509 exit(0); /* Did not acquire ctty: OK */
1510 }
1511 }
1512 ]])],
1513 [
1514 AC_MSG_RESULT(yes)
1515 ],
1516 [
1517 AC_MSG_RESULT(no)
1518 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1519 ],
1520 [
1521 AC_MSG_RESULT(cross-compiling, assuming yes)
1522 ]
1523 )
1524 fi
1526 if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1527 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
1528 AC_MSG_CHECKING(if getaddrinfo seems to work)
1529 AC_RUN_IFELSE(
1530 [AC_LANG_SOURCE([[
1531 #include <stdio.h>
1532 #include <sys/socket.h>
1533 #include <netdb.h>
1534 #include <errno.h>
1535 #include <netinet/in.h>
1537 #define TEST_PORT "2222"
1539 int
1540 main(void)
1541 {
1542 int err, sock;
1543 struct addrinfo *gai_ai, *ai, hints;
1544 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1546 memset(&hints, 0, sizeof(hints));
1547 hints.ai_family = PF_UNSPEC;
1548 hints.ai_socktype = SOCK_STREAM;
1549 hints.ai_flags = AI_PASSIVE;
1551 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1552 if (err != 0) {
1553 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1554 exit(1);
1555 }
1557 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1558 if (ai->ai_family != AF_INET6)
1559 continue;
1561 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1562 sizeof(ntop), strport, sizeof(strport),
1563 NI_NUMERICHOST|NI_NUMERICSERV);
1565 if (err != 0) {
1566 if (err == EAI_SYSTEM)
1567 perror("getnameinfo EAI_SYSTEM");
1568 else
1569 fprintf(stderr, "getnameinfo failed: %s\n",
1570 gai_strerror(err));
1571 exit(2);
1572 }
1574 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1575 if (sock < 0)
1576 perror("socket");
1577 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1578 if (errno == EBADF)
1579 exit(3);
1580 }
1581 }
1582 exit(0);
1583 }
1584 ]])],
1585 [
1586 AC_MSG_RESULT(yes)
1587 ],
1588 [
1589 AC_MSG_RESULT(no)
1590 AC_DEFINE(BROKEN_GETADDRINFO)
1591 ],
1592 [
1593 AC_MSG_RESULT(cross-compiling, assuming yes)
1594 ]
1595 )
1596 fi
1598 if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1599 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
1600 AC_MSG_CHECKING(if getaddrinfo seems to work)
1601 AC_RUN_IFELSE(
1602 [AC_LANG_SOURCE([[
1603 #include <stdio.h>
1604 #include <sys/socket.h>
1605 #include <netdb.h>
1606 #include <errno.h>
1607 #include <netinet/in.h>
1609 #define TEST_PORT "2222"
1611 int
1612 main(void)
1613 {
1614 int err, sock;
1615 struct addrinfo *gai_ai, *ai, hints;
1616 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1618 memset(&hints, 0, sizeof(hints));
1619 hints.ai_family = PF_UNSPEC;
1620 hints.ai_socktype = SOCK_STREAM;
1621 hints.ai_flags = AI_PASSIVE;
1623 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1624 if (err != 0) {
1625 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1626 exit(1);
1627 }
1629 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1630 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1631 continue;
1633 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1634 sizeof(ntop), strport, sizeof(strport),
1635 NI_NUMERICHOST|NI_NUMERICSERV);
1637 if (ai->ai_family == AF_INET && err != 0) {
1638 perror("getnameinfo");
1639 exit(2);
1640 }
1641 }
1642 exit(0);
1643 }
1644 ]])],
1645 [
1646 AC_MSG_RESULT(yes)
1647 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1648 [Define if you have a getaddrinfo that fails
1649 for the all-zeros IPv6 address])
1650 ],
1651 [
1652 AC_MSG_RESULT(no)
1653 AC_DEFINE(BROKEN_GETADDRINFO)
1654 ],
1655 [
1656 AC_MSG_RESULT(cross-compiling, assuming no)
1657 ]
1658 )
1659 fi
1661 if test "x$check_for_conflicting_getspnam" = "x1"; then
1662 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1663 AC_COMPILE_IFELSE(
1664 [
1665 #include <shadow.h>
1666 int main(void) {exit(0);}
1667 ],
1668 [
1669 AC_MSG_RESULT(no)
1670 ],
1671 [
1672 AC_MSG_RESULT(yes)
1673 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1674 [Conflicting defs for getspnam])
1675 ]
1676 )
1677 fi
1679 AC_FUNC_GETPGRP
1681 # Check for PAM libs
1682 PAM_MSG="no"
1683 AC_ARG_WITH(pam,
1684 [ --with-pam Enable PAM support ],
1685 [
1686 if test "x$withval" != "xno" ; then
1687 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1688 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
1689 AC_MSG_ERROR([PAM headers not found])
1690 fi
1692 AC_CHECK_LIB(dl, dlopen, , )
1693 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1694 AC_CHECK_FUNCS(pam_getenvlist)
1695 AC_CHECK_FUNCS(pam_putenv)
1697 PAM_MSG="yes"
1699 AC_DEFINE(USE_PAM, 1,
1700 [Define if you want to enable PAM support])
1701 if test $ac_cv_lib_dl_dlopen = yes; then
1702 LIBPAM="-lpam -ldl"
1703 else
1704 LIBPAM="-lpam"
1705 fi
1706 AC_SUBST(LIBPAM)
1707 fi
1708 ]
1709 )
1711 # Check for older PAM
1712 if test "x$PAM_MSG" = "xyes" ; then
1713 # Check PAM strerror arguments (old PAM)
1714 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1715 AC_TRY_COMPILE(
1716 [
1717 #include <stdlib.h>
1718 #if defined(HAVE_SECURITY_PAM_APPL_H)
1719 #include <security/pam_appl.h>
1720 #elif defined (HAVE_PAM_PAM_APPL_H)
1721 #include <pam/pam_appl.h>
1722 #endif
1723 ],
1724 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
1725 [AC_MSG_RESULT(no)],
1726 [
1727 AC_DEFINE(HAVE_OLD_PAM, 1,
1728 [Define if you have an old version of PAM
1729 which takes only one argument to pam_strerror])
1730 AC_MSG_RESULT(yes)
1731 PAM_MSG="yes (old library)"
1732 ]
1733 )
1734 fi
1736 # Search for OpenSSL
1737 saved_CPPFLAGS="$CPPFLAGS"
1738 saved_LDFLAGS="$LDFLAGS"
1739 AC_ARG_WITH(ssl-dir,
1740 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1741 [
1742 if test "x$withval" != "xno" ; then
1743 case "$withval" in
1744 # Relative paths
1745 ./*|../*) withval="`pwd`/$withval"
1746 esac
1747 if test -d "$withval/lib"; then
1748 if test -n "${need_dash_r}"; then
1749 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1750 else
1751 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1752 fi
1753 else
1754 if test -n "${need_dash_r}"; then
1755 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1756 else
1757 LDFLAGS="-L${withval} ${LDFLAGS}"
1758 fi
1759 fi
1760 if test -d "$withval/include"; then
1761 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1762 else
1763 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1764 fi
1765 fi
1766 ]
1767 )
1768 LIBS="-lcrypto $LIBS"
1769 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1770 [Define if your ssl headers are included
1771 with #include <openssl/header.h>]),
1772 [
1773 dnl Check default openssl install dir
1774 if test -n "${need_dash_r}"; then
1775 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
1776 else
1777 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
1778 fi
1779 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1780 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1781 [
1782 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1783 ]
1784 )
1785 ]
1786 )
1788 # Determine OpenSSL header version
1789 AC_MSG_CHECKING([OpenSSL header version])
1790 AC_RUN_IFELSE(
1791 [AC_LANG_SOURCE([[
1792 #include <stdio.h>
1793 #include <string.h>
1794 #include <openssl/opensslv.h>
1795 #define DATA "conftest.sslincver"
1796 int main(void) {
1797 FILE *fd;
1798 int rc;
1800 fd = fopen(DATA,"w");
1801 if(fd == NULL)
1802 exit(1);
1804 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1805 exit(1);
1807 exit(0);
1808 }
1809 ]])],
1810 [
1811 ssl_header_ver=`cat conftest.sslincver`
1812 AC_MSG_RESULT($ssl_header_ver)
1813 ],
1814 [
1815 AC_MSG_RESULT(not found)
1816 AC_MSG_ERROR(OpenSSL version header not found.)
1817 ],
1818 [
1819 AC_MSG_WARN([cross compiling: not checking])
1820 ]
1821 )
1823 # Determine OpenSSL library version
1824 AC_MSG_CHECKING([OpenSSL library version])
1825 AC_RUN_IFELSE(
1826 [AC_LANG_SOURCE([[
1827 #include <stdio.h>
1828 #include <string.h>
1829 #include <openssl/opensslv.h>
1830 #include <openssl/crypto.h>
1831 #define DATA "conftest.ssllibver"
1832 int main(void) {
1833 FILE *fd;
1834 int rc;
1836 fd = fopen(DATA,"w");
1837 if(fd == NULL)
1838 exit(1);
1840 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1841 exit(1);
1843 exit(0);
1844 }
1845 ]])],
1846 [
1847 ssl_library_ver=`cat conftest.ssllibver`
1848 AC_MSG_RESULT($ssl_library_ver)
1849 ],
1850 [
1851 AC_MSG_RESULT(not found)
1852 AC_MSG_ERROR(OpenSSL library not found.)
1853 ],
1854 [
1855 AC_MSG_WARN([cross compiling: not checking])
1856 ]
1857 )
1859 # Sanity check OpenSSL headers
1860 AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1861 AC_RUN_IFELSE(
1862 [AC_LANG_SOURCE([[
1863 #include <string.h>
1864 #include <openssl/opensslv.h>
1865 int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
1866 ]])],
1867 [
1868 AC_MSG_RESULT(yes)
1869 ],
1870 [
1871 AC_MSG_RESULT(no)
1872 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1873 Check config.log for details.
1874 Also see contrib/findssl.sh for help identifying header/library mismatches.])
1875 ],
1876 [
1877 AC_MSG_WARN([cross compiling: not checking])
1878 ]
1879 )
1881 AC_ARG_WITH(ssl-engine,
1882 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1883 [ if test "x$withval" != "xno" ; then
1884 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1885 AC_TRY_COMPILE(
1886 [ #include <openssl/engine.h>],
1887 [
1888 int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
1889 ],
1890 [ AC_MSG_RESULT(yes)
1891 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1892 [Enable OpenSSL engine support])
1893 ],
1894 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1895 )
1896 fi ]
1897 )
1899 # Check for OpenSSL without EVP_aes_{192,256}_cbc
1900 AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
1901 AC_LINK_IFELSE(
1902 [AC_LANG_SOURCE([[
1903 #include <string.h>
1904 #include <openssl/evp.h>
1905 int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
1906 ]])],
1907 [
1908 AC_MSG_RESULT(no)
1909 ],
1910 [
1911 AC_MSG_RESULT(yes)
1912 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1913 [libcrypto is missing AES 192 and 256 bit functions])
1914 ]
1915 )
1917 # Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1918 # because the system crypt() is more featureful.
1919 if test "x$check_for_libcrypt_before" = "x1"; then
1920 AC_CHECK_LIB(crypt, crypt)
1921 fi
1923 # Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
1924 # version in OpenSSL.
1925 if test "x$check_for_libcrypt_later" = "x1"; then
1926 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
1927 fi
1929 # Search for SHA256 support in libc and/or OpenSSL
1930 AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1932 AC_CHECK_LIB(iaf, ia_openinfo)
1934 ### Configure cryptographic random number support
1936 # Check wheter OpenSSL seeds itself
1937 AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1938 AC_RUN_IFELSE(
1939 [AC_LANG_SOURCE([[
1940 #include <string.h>
1941 #include <openssl/rand.h>
1942 int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
1943 ]])],
1944 [
1945 OPENSSL_SEEDS_ITSELF=yes
1946 AC_MSG_RESULT(yes)
1947 ],
1948 [
1949 AC_MSG_RESULT(no)
1950 # Default to use of the rand helper if OpenSSL doesn't
1951 # seed itself
1952 USE_RAND_HELPER=yes
1953 ],
1954 [
1955 AC_MSG_WARN([cross compiling: assuming yes])
1956 # This is safe, since all recent OpenSSL versions will
1957 # complain at runtime if not seeded correctly.
1958 OPENSSL_SEEDS_ITSELF=yes
1959 ]
1960 )
1963 # Do we want to force the use of the rand helper?
1964 AC_ARG_WITH(rand-helper,
1965 [ --with-rand-helper Use subprocess to gather strong randomness ],
1966 [
1967 if test "x$withval" = "xno" ; then
1968 # Force use of OpenSSL's internal RNG, even if
1969 # the previous test showed it to be unseeded.
1970 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1971 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1972 OPENSSL_SEEDS_ITSELF=yes
1973 USE_RAND_HELPER=""
1974 fi
1975 else
1976 USE_RAND_HELPER=yes
1977 fi
1978 ],
1979 )
1981 # Which randomness source do we use?
1982 if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
1983 # OpenSSL only
1984 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
1985 [Define if you want OpenSSL's internally seeded PRNG only])
1986 RAND_MSG="OpenSSL internal ONLY"
1987 INSTALL_SSH_RAND_HELPER=""
1988 elif test ! -z "$USE_RAND_HELPER" ; then
1989 # install rand helper
1990 RAND_MSG="ssh-rand-helper"
1991 INSTALL_SSH_RAND_HELPER="yes"
1992 fi
1993 AC_SUBST(INSTALL_SSH_RAND_HELPER)
1995 ### Configuration of ssh-rand-helper
1997 # PRNGD TCP socket
1998 AC_ARG_WITH(prngd-port,
1999 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2000 [
2001 case "$withval" in
2002 no)
2003 withval=""
2004 ;;
2005 [[0-9]]*)
2006 ;;
2007 *)
2008 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2009 ;;
2010 esac
2011 if test ! -z "$withval" ; then
2012 PRNGD_PORT="$withval"
2013 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2014 [Port number of PRNGD/EGD random number socket])
2015 fi
2016 ]
2017 )
2019 # PRNGD Unix domain socket
2020 AC_ARG_WITH(prngd-socket,
2021 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2022 [
2023 case "$withval" in
2024 yes)
2025 withval="/var/run/egd-pool"
2026 ;;
2027 no)
2028 withval=""
2029 ;;
2030 /*)
2031 ;;
2032 *)
2033 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2034 ;;
2035 esac
2037 if test ! -z "$withval" ; then
2038 if test ! -z "$PRNGD_PORT" ; then
2039 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2040 fi
2041 if test ! -r "$withval" ; then
2042 AC_MSG_WARN(Entropy socket is not readable)
2043 fi
2044 PRNGD_SOCKET="$withval"
2045 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2046 [Location of PRNGD/EGD random number socket])
2047 fi
2048 ],
2049 [
2050 # Check for existing socket only if we don't have a random device already
2051 if test "$USE_RAND_HELPER" = yes ; then
2052 AC_MSG_CHECKING(for PRNGD/EGD socket)
2053 # Insert other locations here
2054 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2055 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2056 PRNGD_SOCKET="$sock"
2057 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2058 break;
2059 fi
2060 done
2061 if test ! -z "$PRNGD_SOCKET" ; then
2062 AC_MSG_RESULT($PRNGD_SOCKET)
2063 else
2064 AC_MSG_RESULT(not found)
2065 fi
2066 fi
2067 ]
2068 )
2070 # Change default command timeout for hashing entropy source
2071 entropy_timeout=200
2072 AC_ARG_WITH(entropy-timeout,
2073 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2074 [
2075 if test -n "$withval" && test "x$withval" != "xno" && \
2076 test "x${withval}" != "xyes"; then
2077 entropy_timeout=$withval
2078 fi
2079 ]
2080 )
2081 AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2082 [Builtin PRNG command timeout])
2084 SSH_PRIVSEP_USER=sshd
2085 AC_ARG_WITH(privsep-user,
2086 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2087 [
2088 if test -n "$withval" && test "x$withval" != "xno" && \
2089 test "x${withval}" != "xyes"; then
2090 SSH_PRIVSEP_USER=$withval
2091 fi
2092 ]
2093 )
2094 AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2095 [non-privileged user for privilege separation])
2096 AC_SUBST(SSH_PRIVSEP_USER)
2098 # We do this little dance with the search path to insure
2099 # that programs that we select for use by installed programs
2100 # (which may be run by the super-user) come from trusted
2101 # locations before they come from the user's private area.
2102 # This should help avoid accidentally configuring some
2103 # random version of a program in someone's personal bin.
2105 OPATH=$PATH
2106 PATH=/bin:/usr/bin
2107 test -h /bin 2> /dev/null && PATH=/usr/bin
2108 test -d /sbin && PATH=$PATH:/sbin
2109 test -d /usr/sbin && PATH=$PATH:/usr/sbin
2110 PATH=$PATH:/etc:$OPATH
2112 # These programs are used by the command hashing source to gather entropy
2113 OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2114 OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2115 OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2116 OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2117 OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2118 OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2119 OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2120 OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2121 OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2122 OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2123 OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2124 OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2125 OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2126 OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2127 OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2128 OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
2129 # restore PATH
2130 PATH=$OPATH
2132 # Where does ssh-rand-helper get its randomness from?
2133 INSTALL_SSH_PRNG_CMDS=""
2134 if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2135 if test ! -z "$PRNGD_PORT" ; then
2136 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2137 elif test ! -z "$PRNGD_SOCKET" ; then
2138 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2139 else
2140 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2141 RAND_HELPER_CMDHASH=yes
2142 INSTALL_SSH_PRNG_CMDS="yes"
2143 fi
2144 fi
2145 AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2148 # Cheap hack to ensure NEWS-OS libraries are arranged right.
2149 if test ! -z "$SONY" ; then
2150 LIBS="$LIBS -liberty";
2151 fi
2153 # Check for long long datatypes
2154 AC_CHECK_TYPES([long long, unsigned long long, long double])
2156 # Check datatype sizes
2157 AC_CHECK_SIZEOF(char, 1)
2158 AC_CHECK_SIZEOF(short int, 2)
2159 AC_CHECK_SIZEOF(int, 4)
2160 AC_CHECK_SIZEOF(long int, 4)
2161 AC_CHECK_SIZEOF(long long int, 8)
2163 # Sanity check long long for some platforms (AIX)
2164 if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2165 ac_cv_sizeof_long_long_int=0
2166 fi
2168 # compute LLONG_MIN and LLONG_MAX if we don't know them.
2169 if test -z "$have_llong_max"; then
2170 AC_MSG_CHECKING([for max value of long long])
2171 AC_RUN_IFELSE(
2172 [AC_LANG_SOURCE([[
2173 #include <stdio.h>
2174 /* Why is this so damn hard? */
2175 #ifdef __GNUC__
2176 # undef __GNUC__
2177 #endif
2178 #define __USE_ISOC99
2179 #include <limits.h>
2180 #define DATA "conftest.llminmax"
2181 #define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2183 /*
2184 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2185 * we do this the hard way.
2186 */
2187 static int
2188 fprint_ll(FILE *f, long long n)
2189 {
2190 unsigned int i;
2191 int l[sizeof(long long) * 8];
2193 if (n < 0)
2194 if (fprintf(f, "-") < 0)
2195 return -1;
2196 for (i = 0; n != 0; i++) {
2197 l[i] = my_abs(n % 10);
2198 n /= 10;
2199 }
2200 do {
2201 if (fprintf(f, "%d", l[--i]) < 0)
2202 return -1;
2203 } while (i != 0);
2204 if (fprintf(f, " ") < 0)
2205 return -1;
2206 return 0;
2207 }
2209 int main(void) {
2210 FILE *f;
2211 long long i, llmin, llmax = 0;
2213 if((f = fopen(DATA,"w")) == NULL)
2214 exit(1);
2216 #if defined(LLONG_MIN) && defined(LLONG_MAX)
2217 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2218 llmin = LLONG_MIN;
2219 llmax = LLONG_MAX;
2220 #else
2221 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2222 /* This will work on one's complement and two's complement */
2223 for (i = 1; i > llmax; i <<= 1, i++)
2224 llmax = i;
2225 llmin = llmax + 1LL; /* wrap */
2226 #endif
2228 /* Sanity check */
2229 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
2230 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2231 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
2232 fprintf(f, "unknown unknown\n");
2233 exit(2);
2234 }
2236 if (fprint_ll(f, llmin) < 0)
2237 exit(3);
2238 if (fprint_ll(f, llmax) < 0)
2239 exit(4);
2240 if (fclose(f) < 0)
2241 exit(5);
2242 exit(0);
2243 }
2244 ]])],
2245 [
2246 llong_min=`$AWK '{print $1}' conftest.llminmax`
2247 llong_max=`$AWK '{print $2}' conftest.llminmax`
2249 AC_MSG_RESULT($llong_max)
2250 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2251 [max value of long long calculated by configure])
2252 AC_MSG_CHECKING([for min value of long long])
2253 AC_MSG_RESULT($llong_min)
2254 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2255 [min value of long long calculated by configure])
2256 ],
2257 [
2258 AC_MSG_RESULT(not found)
2259 ],
2260 [
2261 AC_MSG_WARN([cross compiling: not checking])
2262 ]
2263 )
2264 fi
2267 # More checks for data types
2268 AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2269 AC_TRY_COMPILE(
2270 [ #include <sys/types.h> ],
2271 [ u_int a; a = 1;],
2272 [ ac_cv_have_u_int="yes" ],
2273 [ ac_cv_have_u_int="no" ]
2274 )
2275 ])
2276 if test "x$ac_cv_have_u_int" = "xyes" ; then
2277 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
2278 have_u_int=1
2279 fi
2281 AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2282 AC_TRY_COMPILE(
2283 [ #include <sys/types.h> ],
2284 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
2285 [ ac_cv_have_intxx_t="yes" ],
2286 [ ac_cv_have_intxx_t="no" ]
2287 )
2288 ])
2289 if test "x$ac_cv_have_intxx_t" = "xyes" ; then
2290 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
2291 have_intxx_t=1
2292 fi
2294 if (test -z "$have_intxx_t" && \
2295 test "x$ac_cv_header_stdint_h" = "xyes")
2296 then
2297 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2298 AC_TRY_COMPILE(
2299 [ #include <stdint.h> ],
2300 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
2301 [
2302 AC_DEFINE(HAVE_INTXX_T)
2303 AC_MSG_RESULT(yes)
2304 ],
2305 [ AC_MSG_RESULT(no) ]
2306 )
2307 fi
2309 AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2310 AC_TRY_COMPILE(
2311 [
2312 #include <sys/types.h>
2313 #ifdef HAVE_STDINT_H
2314 # include <stdint.h>
2315 #endif
2316 #include <sys/socket.h>
2317 #ifdef HAVE_SYS_BITYPES_H
2318 # include <sys/bitypes.h>
2319 #endif
2320 ],
2321 [ int64_t a; a = 1;],
2322 [ ac_cv_have_int64_t="yes" ],
2323 [ ac_cv_have_int64_t="no" ]
2324 )
2325 ])
2326 if test "x$ac_cv_have_int64_t" = "xyes" ; then
2327 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
2328 fi
2330 AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2331 AC_TRY_COMPILE(
2332 [ #include <sys/types.h> ],
2333 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
2334 [ ac_cv_have_u_intxx_t="yes" ],
2335 [ ac_cv_have_u_intxx_t="no" ]
2336 )
2337 ])
2338 if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
2339 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
2340 have_u_intxx_t=1
2341 fi
2343 if test -z "$have_u_intxx_t" ; then
2344 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2345 AC_TRY_COMPILE(
2346 [ #include <sys/socket.h> ],
2347 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
2348 [
2349 AC_DEFINE(HAVE_U_INTXX_T)
2350 AC_MSG_RESULT(yes)
2351 ],
2352 [ AC_MSG_RESULT(no) ]
2353 )
2354 fi
2356 AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2357 AC_TRY_COMPILE(
2358 [ #include <sys/types.h> ],
2359 [ u_int64_t a; a = 1;],
2360 [ ac_cv_have_u_int64_t="yes" ],
2361 [ ac_cv_have_u_int64_t="no" ]
2362 )
2363 ])
2364 if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
2365 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
2366 have_u_int64_t=1
2367 fi
2369 if test -z "$have_u_int64_t" ; then
2370 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2371 AC_TRY_COMPILE(
2372 [ #include <sys/bitypes.h> ],
2373 [ u_int64_t a; a = 1],
2374 [
2375 AC_DEFINE(HAVE_U_INT64_T)
2376 AC_MSG_RESULT(yes)
2377 ],
2378 [ AC_MSG_RESULT(no) ]
2379 )
2380 fi
2382 if test -z "$have_u_intxx_t" ; then
2383 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2384 AC_TRY_COMPILE(
2385 [
2386 #include <sys/types.h>
2387 ],
2388 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
2389 [ ac_cv_have_uintxx_t="yes" ],
2390 [ ac_cv_have_uintxx_t="no" ]
2391 )
2392 ])
2393 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
2394 AC_DEFINE(HAVE_UINTXX_T, 1,
2395 [define if you have uintxx_t data type])
2396 fi
2397 fi
2399 if test -z "$have_uintxx_t" ; then
2400 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2401 AC_TRY_COMPILE(
2402 [ #include <stdint.h> ],
2403 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
2404 [
2405 AC_DEFINE(HAVE_UINTXX_T)
2406 AC_MSG_RESULT(yes)
2407 ],
2408 [ AC_MSG_RESULT(no) ]
2409 )
2410 fi
2412 if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
2413 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
2414 then
2415 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2416 AC_TRY_COMPILE(
2417 [
2418 #include <sys/bitypes.h>
2419 ],
2420 [
2421 int8_t a; int16_t b; int32_t c;
2422 u_int8_t e; u_int16_t f; u_int32_t g;
2423 a = b = c = e = f = g = 1;
2424 ],
2425 [
2426 AC_DEFINE(HAVE_U_INTXX_T)
2427 AC_DEFINE(HAVE_INTXX_T)
2428 AC_MSG_RESULT(yes)
2429 ],
2430 [AC_MSG_RESULT(no)]
2431 )
2432 fi
2435 AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2436 AC_TRY_COMPILE(
2437 [
2438 #include <sys/types.h>
2439 ],
2440 [ u_char foo; foo = 125; ],
2441 [ ac_cv_have_u_char="yes" ],
2442 [ ac_cv_have_u_char="no" ]
2443 )
2444 ])
2445 if test "x$ac_cv_have_u_char" = "xyes" ; then
2446 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
2447 fi
2449 TYPE_SOCKLEN_T
2451 AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2453 AC_CHECK_TYPES(in_addr_t,,,
2454 [#include <sys/types.h>
2455 #include <netinet/in.h>])
2457 AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2458 AC_TRY_COMPILE(
2459 [
2460 #include <sys/types.h>
2461 ],
2462 [ size_t foo; foo = 1235; ],
2463 [ ac_cv_have_size_t="yes" ],
2464 [ ac_cv_have_size_t="no" ]
2465 )
2466 ])
2467 if test "x$ac_cv_have_size_t" = "xyes" ; then
2468 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
2469 fi
2471 AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2472 AC_TRY_COMPILE(
2473 [
2474 #include <sys/types.h>
2475 ],
2476 [ ssize_t foo; foo = 1235; ],
2477 [ ac_cv_have_ssize_t="yes" ],
2478 [ ac_cv_have_ssize_t="no" ]
2479 )
2480 ])
2481 if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2482 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
2483 fi
2485 AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2486 AC_TRY_COMPILE(
2487 [
2488 #include <time.h>
2489 ],
2490 [ clock_t foo; foo = 1235; ],
2491 [ ac_cv_have_clock_t="yes" ],
2492 [ ac_cv_have_clock_t="no" ]
2493 )
2494 ])
2495 if test "x$ac_cv_have_clock_t" = "xyes" ; then
2496 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
2497 fi
2499 AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2500 AC_TRY_COMPILE(
2501 [
2502 #include <sys/types.h>
2503 #include <sys/socket.h>
2504 ],
2505 [ sa_family_t foo; foo = 1235; ],
2506 [ ac_cv_have_sa_family_t="yes" ],
2507 [ AC_TRY_COMPILE(
2508 [
2509 #include <sys/types.h>
2510 #include <sys/socket.h>
2511 #include <netinet/in.h>
2512 ],
2513 [ sa_family_t foo; foo = 1235; ],
2514 [ ac_cv_have_sa_family_t="yes" ],
2516 [ ac_cv_have_sa_family_t="no" ]
2517 )]
2518 )
2519 ])
2520 if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2521 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2522 [define if you have sa_family_t data type])
2523 fi
2525 AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2526 AC_TRY_COMPILE(
2527 [
2528 #include <sys/types.h>
2529 ],
2530 [ pid_t foo; foo = 1235; ],
2531 [ ac_cv_have_pid_t="yes" ],
2532 [ ac_cv_have_pid_t="no" ]
2533 )
2534 ])
2535 if test "x$ac_cv_have_pid_t" = "xyes" ; then
2536 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
2537 fi
2539 AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2540 AC_TRY_COMPILE(
2541 [
2542 #include <sys/types.h>
2543 ],
2544 [ mode_t foo; foo = 1235; ],
2545 [ ac_cv_have_mode_t="yes" ],
2546 [ ac_cv_have_mode_t="no" ]
2547 )
2548 ])
2549 if test "x$ac_cv_have_mode_t" = "xyes" ; then
2550 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
2551 fi
2554 AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2555 AC_TRY_COMPILE(
2556 [
2557 #include <sys/types.h>
2558 #include <sys/socket.h>
2559 ],
2560 [ struct sockaddr_storage s; ],
2561 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2562 [ ac_cv_have_struct_sockaddr_storage="no" ]
2563 )
2564 ])
2565 if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2566 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2567 [define if you have struct sockaddr_storage data type])
2568 fi
2570 AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2571 AC_TRY_COMPILE(
2572 [
2573 #include <sys/types.h>
2574 #include <netinet/in.h>
2575 ],
2576 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2577 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2578 [ ac_cv_have_struct_sockaddr_in6="no" ]
2579 )
2580 ])
2581 if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2582 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2583 [define if you have struct sockaddr_in6 data type])
2584 fi
2586 AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2587 AC_TRY_COMPILE(
2588 [
2589 #include <sys/types.h>
2590 #include <netinet/in.h>
2591 ],
2592 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2593 [ ac_cv_have_struct_in6_addr="yes" ],
2594 [ ac_cv_have_struct_in6_addr="no" ]
2595 )
2596 ])
2597 if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2598 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2599 [define if you have struct in6_addr data type])
2600 fi
2602 AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2603 AC_TRY_COMPILE(
2604 [
2605 #include <sys/types.h>
2606 #include <sys/socket.h>
2607 #include <netdb.h>
2608 ],
2609 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2610 [ ac_cv_have_struct_addrinfo="yes" ],
2611 [ ac_cv_have_struct_addrinfo="no" ]
2612 )
2613 ])
2614 if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2615 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2616 [define if you have struct addrinfo data type])
2617 fi
2619 AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2620 AC_TRY_COMPILE(
2621 [ #include <sys/time.h> ],
2622 [ struct timeval tv; tv.tv_sec = 1;],
2623 [ ac_cv_have_struct_timeval="yes" ],
2624 [ ac_cv_have_struct_timeval="no" ]
2625 )
2626 ])
2627 if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2628 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
2629 have_struct_timeval=1
2630 fi
2632 AC_CHECK_TYPES(struct timespec)
2634 # We need int64_t or else certian parts of the compile will fail.
2635 if test "x$ac_cv_have_int64_t" = "xno" && \
2636 test "x$ac_cv_sizeof_long_int" != "x8" && \
2637 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
2638 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2639 echo "an alternative compiler (I.E., GCC) before continuing."
2640 echo ""
2641 exit 1;
2642 else
2643 dnl test snprintf (broken on SCO w/gcc)
2644 AC_RUN_IFELSE(
2645 [AC_LANG_SOURCE([[
2646 #include <stdio.h>
2647 #include <string.h>
2648 #ifdef HAVE_SNPRINTF
2649 main()
2650 {
2651 char buf[50];
2652 char expected_out[50];
2653 int mazsize = 50 ;
2654 #if (SIZEOF_LONG_INT == 8)
2655 long int num = 0x7fffffffffffffff;
2656 #else
2657 long long num = 0x7fffffffffffffffll;
2658 #endif
2659 strcpy(expected_out, "9223372036854775807");
2660 snprintf(buf, mazsize, "%lld", num);
2661 if(strcmp(buf, expected_out) != 0)
2662 exit(1);
2663 exit(0);
2664 }
2665 #else
2666 main() { exit(0); }
2667 #endif
2668 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2669 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
2670 )
2671 fi
2673 dnl Checks for structure members
2674 OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2675 OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2676 OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2677 OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2678 OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2679 OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2680 OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2681 OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2682 OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2683 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2684 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2685 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2686 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2687 OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2688 OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2689 OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2690 OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2692 AC_CHECK_MEMBERS([struct stat.st_blksize])
2693 AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2694 [Define if we don't have struct __res_state in resolv.h])],
2695 [
2696 #include <stdio.h>
2697 #if HAVE_SYS_TYPES_H
2698 # include <sys/types.h>
2699 #endif
2700 #include <netinet/in.h>
2701 #include <arpa/nameser.h>
2702 #include <resolv.h>
2703 ])
2705 AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2706 ac_cv_have_ss_family_in_struct_ss, [
2707 AC_TRY_COMPILE(
2708 [
2709 #include <sys/types.h>
2710 #include <sys/socket.h>
2711 ],
2712 [ struct sockaddr_storage s; s.ss_family = 1; ],
2713 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2714 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2715 )
2716 ])
2717 if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2718 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
2719 fi
2721 AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2722 ac_cv_have___ss_family_in_struct_ss, [
2723 AC_TRY_COMPILE(
2724 [
2725 #include <sys/types.h>
2726 #include <sys/socket.h>
2727 ],
2728 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2729 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2730 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2731 )
2732 ])
2733 if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2734 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2735 [Fields in struct sockaddr_storage])
2736 fi
2738 AC_CACHE_CHECK([for pw_class field in struct passwd],
2739 ac_cv_have_pw_class_in_struct_passwd, [
2740 AC_TRY_COMPILE(
2741 [
2742 #include <pwd.h>
2743 ],
2744 [ struct passwd p; p.pw_class = 0; ],
2745 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2746 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2747 )
2748 ])
2749 if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2750 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2751 [Define if your password has a pw_class field])
2752 fi
2754 AC_CACHE_CHECK([for pw_expire field in struct passwd],
2755 ac_cv_have_pw_expire_in_struct_passwd, [
2756 AC_TRY_COMPILE(
2757 [
2758 #include <pwd.h>
2759 ],
2760 [ struct passwd p; p.pw_expire = 0; ],
2761 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2762 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2763 )
2764 ])
2765 if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2766 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2767 [Define if your password has a pw_expire field])
2768 fi
2770 AC_CACHE_CHECK([for pw_change field in struct passwd],
2771 ac_cv_have_pw_change_in_struct_passwd, [
2772 AC_TRY_COMPILE(
2773 [
2774 #include <pwd.h>
2775 ],
2776 [ struct passwd p; p.pw_change = 0; ],
2777 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2778 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2779 )
2780 ])
2781 if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2782 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2783 [Define if your password has a pw_change field])
2784 fi
2786 dnl make sure we're using the real structure members and not defines
2787 AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2788 ac_cv_have_accrights_in_msghdr, [
2789 AC_COMPILE_IFELSE(
2790 [
2791 #include <sys/types.h>
2792 #include <sys/socket.h>
2793 #include <sys/uio.h>
2794 int main() {
2795 #ifdef msg_accrights
2796 #error "msg_accrights is a macro"
2797 exit(1);
2798 #endif
2799 struct msghdr m;
2800 m.msg_accrights = 0;
2801 exit(0);
2802 }
2803 ],
2804 [ ac_cv_have_accrights_in_msghdr="yes" ],
2805 [ ac_cv_have_accrights_in_msghdr="no" ]
2806 )
2807 ])
2808 if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2809 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2810 [Define if your system uses access rights style
2811 file descriptor passing])
2812 fi
2814 AC_CACHE_CHECK([for msg_control field in struct msghdr],
2815 ac_cv_have_control_in_msghdr, [
2816 AC_COMPILE_IFELSE(
2817 [
2818 #include <sys/types.h>
2819 #include <sys/socket.h>
2820 #include <sys/uio.h>
2821 int main() {
2822 #ifdef msg_control
2823 #error "msg_control is a macro"
2824 exit(1);
2825 #endif
2826 struct msghdr m;
2827 m.msg_control = 0;
2828 exit(0);
2829 }
2830 ],
2831 [ ac_cv_have_control_in_msghdr="yes" ],
2832 [ ac_cv_have_control_in_msghdr="no" ]
2833 )
2834 ])
2835 if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2836 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2837 [Define if your system uses ancillary data style
2838 file descriptor passing])
2839 fi
2841 AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
2842 AC_TRY_LINK([],
2843 [ extern char *__progname; printf("%s", __progname); ],
2844 [ ac_cv_libc_defines___progname="yes" ],
2845 [ ac_cv_libc_defines___progname="no" ]
2846 )
2847 ])
2848 if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2849 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
2850 fi
2852 AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2853 AC_TRY_LINK([
2854 #include <stdio.h>
2855 ],
2856 [ printf("%s", __FUNCTION__); ],
2857 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2858 [ ac_cv_cc_implements___FUNCTION__="no" ]
2859 )
2860 ])
2861 if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2862 AC_DEFINE(HAVE___FUNCTION__, 1,
2863 [Define if compiler implements __FUNCTION__])
2864 fi
2866 AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2867 AC_TRY_LINK([
2868 #include <stdio.h>
2869 ],
2870 [ printf("%s", __func__); ],
2871 [ ac_cv_cc_implements___func__="yes" ],
2872 [ ac_cv_cc_implements___func__="no" ]
2873 )
2874 ])
2875 if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2876 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
2877 fi
2879 AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2880 AC_TRY_LINK(
2881 [#include <stdarg.h>
2882 va_list x,y;],
2883 [va_copy(x,y);],
2884 [ ac_cv_have_va_copy="yes" ],
2885 [ ac_cv_have_va_copy="no" ]
2886 )
2887 ])
2888 if test "x$ac_cv_have_va_copy" = "xyes" ; then
2889 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2890 fi
2892 AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2893 AC_TRY_LINK(
2894 [#include <stdarg.h>
2895 va_list x,y;],
2896 [__va_copy(x,y);],
2897 [ ac_cv_have___va_copy="yes" ],
2898 [ ac_cv_have___va_copy="no" ]
2899 )
2900 ])
2901 if test "x$ac_cv_have___va_copy" = "xyes" ; then
2902 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2903 fi
2905 AC_CACHE_CHECK([whether getopt has optreset support],
2906 ac_cv_have_getopt_optreset, [
2907 AC_TRY_LINK(
2908 [
2909 #include <getopt.h>
2910 ],
2911 [ extern int optreset; optreset = 0; ],
2912 [ ac_cv_have_getopt_optreset="yes" ],
2913 [ ac_cv_have_getopt_optreset="no" ]
2914 )
2915 ])
2916 if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2917 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2918 [Define if your getopt(3) defines and uses optreset])
2919 fi
2921 AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
2922 AC_TRY_LINK([],
2923 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
2924 [ ac_cv_libc_defines_sys_errlist="yes" ],
2925 [ ac_cv_libc_defines_sys_errlist="no" ]
2926 )
2927 ])
2928 if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2929 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2930 [Define if your system defines sys_errlist[]])
2931 fi
2934 AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
2935 AC_TRY_LINK([],
2936 [ extern int sys_nerr; printf("%i", sys_nerr);],
2937 [ ac_cv_libc_defines_sys_nerr="yes" ],
2938 [ ac_cv_libc_defines_sys_nerr="no" ]
2939 )
2940 ])
2941 if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2942 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
2943 fi
2945 SCARD_MSG="no"
2946 # Check whether user wants sectok support
2947 AC_ARG_WITH(sectok,
2948 [ --with-sectok Enable smartcard support using libsectok],
2949 [
2950 if test "x$withval" != "xno" ; then
2951 if test "x$withval" != "xyes" ; then
2952 CPPFLAGS="$CPPFLAGS -I${withval}"
2953 LDFLAGS="$LDFLAGS -L${withval}"
2954 if test ! -z "$need_dash_r" ; then
2955 LDFLAGS="$LDFLAGS -R${withval}"
2956 fi
2957 if test ! -z "$blibpath" ; then
2958 blibpath="$blibpath:${withval}"
2959 fi
2960 fi
2961 AC_CHECK_HEADERS(sectok.h)
2962 if test "$ac_cv_header_sectok_h" != yes; then
2963 AC_MSG_ERROR(Can't find sectok.h)
2964 fi
2965 AC_CHECK_LIB(sectok, sectok_open)
2966 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2967 AC_MSG_ERROR(Can't find libsectok)
2968 fi
2969 AC_DEFINE(SMARTCARD, 1,
2970 [Define if you want smartcard support])
2971 AC_DEFINE(USE_SECTOK, 1,
2972 [Define if you want smartcard support
2973 using sectok])
2974 SCARD_MSG="yes, using sectok"
2975 fi
2976 ]
2977 )
2979 # Check whether user wants OpenSC support
2980 OPENSC_CONFIG="no"
2981 AC_ARG_WITH(opensc,
2982 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
2983 [
2984 if test "x$withval" != "xno" ; then
2985 if test "x$withval" != "xyes" ; then
2986 OPENSC_CONFIG=$withval/bin/opensc-config
2987 else
2988 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2989 fi
2990 if test "$OPENSC_CONFIG" != "no"; then
2991 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2992 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2993 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2994 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2995 AC_DEFINE(SMARTCARD)
2996 AC_DEFINE(USE_OPENSC, 1,
2997 [Define if you want smartcard support
2998 using OpenSC])
2999 SCARD_MSG="yes, using OpenSC"
3000 fi
3001 fi
3002 ]
3003 )
3005 # Check libraries needed by DNS fingerprint support
3006 AC_SEARCH_LIBS(getrrsetbyname, resolv,
3007 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3008 [Define if getrrsetbyname() exists])],
3009 [
3010 # Needed by our getrrsetbyname()
3011 AC_SEARCH_LIBS(res_query, resolv)
3012 AC_SEARCH_LIBS(dn_expand, resolv)
3013 AC_MSG_CHECKING(if res_query will link)
3014 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3015 [AC_MSG_RESULT(no)
3016 saved_LIBS="$LIBS"
3017 LIBS="$LIBS -lresolv"
3018 AC_MSG_CHECKING(for res_query in -lresolv)
3019 AC_LINK_IFELSE([
3020 #include <resolv.h>
3021 int main()
3022 {
3023 res_query (0, 0, 0, 0, 0);
3024 return 0;
3025 }
3026 ],
3027 [LIBS="$LIBS -lresolv"
3028 AC_MSG_RESULT(yes)],
3029 [LIBS="$saved_LIBS"
3030 AC_MSG_RESULT(no)])
3031 ])
3032 AC_CHECK_FUNCS(_getshort _getlong)
3033 AC_CHECK_DECLS([_getshort, _getlong], , ,
3034 [#include <sys/types.h>
3035 #include <arpa/nameser.h>])
3036 AC_CHECK_MEMBER(HEADER.ad,
3037 [AC_DEFINE(HAVE_HEADER_AD, 1,
3038 [Define if HEADER.ad exists in arpa/nameser.h])],,
3039 [#include <arpa/nameser.h>])
3040 ])
3042 # Check whether user wants SELinux support
3043 SELINUX_MSG="no"
3044 LIBSELINUX=""
3045 AC_ARG_WITH(selinux,
3046 [ --with-selinux Enable SELinux support],
3047 [ if test "x$withval" != "xno" ; then
3048 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3049 SELINUX_MSG="yes"
3050 AC_CHECK_HEADER([selinux/selinux.h], ,
3051 AC_MSG_ERROR(SELinux support requires selinux.h header))
3052 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3053 AC_MSG_ERROR(SELinux support requires libselinux library))
3054 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3055 fi ]
3056 )
3057 AC_SUBST(LIBSELINUX)
3059 # Check whether user wants Kerberos 5 support
3060 KRB5_MSG="no"
3061 AC_ARG_WITH(kerberos5,
3062 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3063 [ if test "x$withval" != "xno" ; then
3064 if test "x$withval" = "xyes" ; then
3065 KRB5ROOT="/usr/local"
3066 else
3067 KRB5ROOT=${withval}
3068 fi
3070 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
3071 KRB5_MSG="yes"
3073 AC_MSG_CHECKING(for krb5-config)
3074 if test -x $KRB5ROOT/bin/krb5-config ; then
3075 KRB5CONF=$KRB5ROOT/bin/krb5-config
3076 AC_MSG_RESULT($KRB5CONF)
3078 AC_MSG_CHECKING(for gssapi support)
3079 if $KRB5CONF | grep gssapi >/dev/null ; then
3080 AC_MSG_RESULT(yes)
3081 AC_DEFINE(GSSAPI, 1,
3082 [Define this if you want GSSAPI
3083 support in the version 2 protocol])
3084 k5confopts=gssapi
3085 else
3086 AC_MSG_RESULT(no)
3087 k5confopts=""
3088 fi
3089 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3090 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3091 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3092 AC_MSG_CHECKING(whether we are using Heimdal)
3093 AC_TRY_COMPILE([ #include <krb5.h> ],
3094 [ char *tmp = heimdal_version; ],
3095 [ AC_MSG_RESULT(yes)
3096 AC_DEFINE(HEIMDAL, 1,
3097 [Define this if you are using the
3098 Heimdal version of Kerberos V5]) ],
3099 AC_MSG_RESULT(no)
3100 )
3101 else
3102 AC_MSG_RESULT(no)
3103 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
3104 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3105 AC_MSG_CHECKING(whether we are using Heimdal)
3106 AC_TRY_COMPILE([ #include <krb5.h> ],
3107 [ char *tmp = heimdal_version; ],
3108 [ AC_MSG_RESULT(yes)
3109 AC_DEFINE(HEIMDAL)
3110 K5LIBS="-lkrb5 -ldes"
3111 K5LIBS="$K5LIBS -lcom_err -lasn1"
3112 AC_CHECK_LIB(roken, net_write,
3113 [K5LIBS="$K5LIBS -lroken"])
3114 ],
3115 [ AC_MSG_RESULT(no)
3116 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3117 ]
3118 )
3119 AC_SEARCH_LIBS(dn_expand, resolv)
3121 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3122 [ AC_DEFINE(GSSAPI)
3123 K5LIBS="-lgssapi $K5LIBS" ],
3124 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3125 [ AC_DEFINE(GSSAPI)
3126 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3127 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3128 $K5LIBS)
3129 ],
3130 $K5LIBS)
3132 AC_CHECK_HEADER(gssapi.h, ,
3133 [ unset ac_cv_header_gssapi_h
3134 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3135 AC_CHECK_HEADERS(gssapi.h, ,
3136 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
3137 )
3138 ]
3139 )
3141 oldCPP="$CPPFLAGS"
3142 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3143 AC_CHECK_HEADER(gssapi_krb5.h, ,
3144 [ CPPFLAGS="$oldCPP" ])
3146 fi
3147 if test ! -z "$need_dash_r" ; then
3148 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3149 fi
3150 if test ! -z "$blibpath" ; then
3151 blibpath="$blibpath:${KRB5ROOT}/lib"
3152 fi
3154 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3155 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3156 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
3158 LIBS="$LIBS $K5LIBS"
3159 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3160 [Define this if you want to use libkafs' AFS support]))
3161 fi
3162 ]
3163 )
3165 # Looking for programs, paths and files
3167 PRIVSEP_PATH=/var/empty
3168 AC_ARG_WITH(privsep-path,
3169 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
3170 [
3171 if test -n "$withval" && test "x$withval" != "xno" && \
3172 test "x${withval}" != "xyes"; then
3173 PRIVSEP_PATH=$withval
3174 fi
3175 ]
3176 )
3177 AC_SUBST(PRIVSEP_PATH)
3179 AC_ARG_WITH(xauth,
3180 [ --with-xauth=PATH Specify path to xauth program ],
3181 [
3182 if test -n "$withval" && test "x$withval" != "xno" && \
3183 test "x${withval}" != "xyes"; then
3184 xauth_path=$withval
3185 fi
3186 ],
3187 [
3188 TestPath="$PATH"
3189 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3190 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3191 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3192 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3193 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3194 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3195 xauth_path="/usr/openwin/bin/xauth"
3196 fi
3197 ]
3198 )
3200 STRIP_OPT=-s
3201 AC_ARG_ENABLE(strip,
3202 [ --disable-strip Disable calling strip(1) on install],
3203 [
3204 if test "x$enableval" = "xno" ; then
3205 STRIP_OPT=
3206 fi
3207 ]
3208 )
3209 AC_SUBST(STRIP_OPT)
3211 if test -z "$xauth_path" ; then
3212 XAUTH_PATH="undefined"
3213 AC_SUBST(XAUTH_PATH)
3214 else
3215 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3216 [Define if xauth is found in your path])
3217 XAUTH_PATH=$xauth_path
3218 AC_SUBST(XAUTH_PATH)
3219 fi
3221 # Check for mail directory (last resort if we cannot get it from headers)
3222 if test ! -z "$MAIL" ; then
3223 maildir=`dirname $MAIL`
3224 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3225 [Set this to your mail directory if you don't have maillock.h])
3226 fi
3228 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3229 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3230 disable_ptmx_check=yes
3231 fi
3232 if test -z "$no_dev_ptmx" ; then
3233 if test "x$disable_ptmx_check" != "xyes" ; then
3234 AC_CHECK_FILE("/dev/ptmx",
3235 [
3236 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3237 [Define if you have /dev/ptmx])
3238 have_dev_ptmx=1
3239 ]
3240 )
3241 fi
3242 fi
3244 if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3245 AC_CHECK_FILE("/dev/ptc",
3246 [
3247 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3248 [Define if you have /dev/ptc])
3249 have_dev_ptc=1
3250 ]
3251 )
3252 else
3253 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3254 fi
3256 # Options from here on. Some of these are preset by platform above
3257 AC_ARG_WITH(mantype,
3258 [ --with-mantype=man|cat|doc Set man page type],
3259 [
3260 case "$withval" in
3261 man|cat|doc)
3262 MANTYPE=$withval
3263 ;;
3264 *)
3265 AC_MSG_ERROR(invalid man type: $withval)
3266 ;;
3267 esac
3268 ]
3269 )
3270 if test -z "$MANTYPE"; then
3271 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3272 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3273 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3274 MANTYPE=doc
3275 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3276 MANTYPE=man
3277 else
3278 MANTYPE=cat
3279 fi
3280 fi
3281 AC_SUBST(MANTYPE)
3282 if test "$MANTYPE" = "doc"; then
3283 mansubdir=man;
3284 else
3285 mansubdir=$MANTYPE;
3286 fi
3287 AC_SUBST(mansubdir)
3289 # Check whether to enable MD5 passwords
3290 MD5_MSG="no"
3291 AC_ARG_WITH(md5-passwords,
3292 [ --with-md5-passwords Enable use of MD5 passwords],
3293 [
3294 if test "x$withval" != "xno" ; then
3295 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3296 [Define if you want to allow MD5 passwords])
3297 MD5_MSG="yes"
3298 fi
3299 ]
3300 )
3302 # Whether to disable shadow password support
3303 AC_ARG_WITH(shadow,
3304 [ --without-shadow Disable shadow password support],
3305 [
3306 if test "x$withval" = "xno" ; then
3307 AC_DEFINE(DISABLE_SHADOW)
3308 disable_shadow=yes
3309 fi
3310 ]
3311 )
3313 if test -z "$disable_shadow" ; then
3314 AC_MSG_CHECKING([if the systems has expire shadow information])
3315 AC_TRY_COMPILE(
3316 [
3317 #include <sys/types.h>
3318 #include <shadow.h>
3319 struct spwd sp;
3320 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3321 [ sp_expire_available=yes ], []
3322 )
3324 if test "x$sp_expire_available" = "xyes" ; then
3325 AC_MSG_RESULT(yes)
3326 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3327 [Define if you want to use shadow password expire field])
3328 else
3329 AC_MSG_RESULT(no)
3330 fi
3331 fi
3333 # Use ip address instead of hostname in $DISPLAY
3334 if test ! -z "$IPADDR_IN_DISPLAY" ; then
3335 DISPLAY_HACK_MSG="yes"
3336 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3337 [Define if you need to use IP address
3338 instead of hostname in $DISPLAY])
3339 else
3340 DISPLAY_HACK_MSG="no"
3341 AC_ARG_WITH(ipaddr-display,
3342 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3343 [
3344 if test "x$withval" != "xno" ; then
3345 AC_DEFINE(IPADDR_IN_DISPLAY)
3346 DISPLAY_HACK_MSG="yes"
3347 fi
3348 ]
3349 )
3350 fi
3352 # check for /etc/default/login and use it if present.
3353 AC_ARG_ENABLE(etc-default-login,
3354 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3355 [ if test "x$enableval" = "xno"; then
3356 AC_MSG_NOTICE([/etc/default/login handling disabled])
3357 etc_default_login=no
3358 else
3359 etc_default_login=yes
3360 fi ],
3361 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3362 then
3363 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3364 etc_default_login=no
3365 else
3366 etc_default_login=yes
3367 fi ]
3368 )
3370 if test "x$etc_default_login" != "xno"; then
3371 AC_CHECK_FILE("/etc/default/login",
3372 [ external_path_file=/etc/default/login ])
3373 if test "x$external_path_file" = "x/etc/default/login"; then
3374 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3375 [Define if your system has /etc/default/login])
3376 fi
3377 fi
3379 dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
3380 if test $ac_cv_func_login_getcapbool = "yes" && \
3381 test $ac_cv_header_login_cap_h = "yes" ; then
3382 external_path_file=/etc/login.conf
3383 fi
3385 # Whether to mess with the default path
3386 SERVER_PATH_MSG="(default)"
3387 AC_ARG_WITH(default-path,
3388 [ --with-default-path= Specify default \$PATH environment for server],
3389 [
3390 if test "x$external_path_file" = "x/etc/login.conf" ; then
3391 AC_MSG_WARN([
3392 --with-default-path=PATH has no effect on this system.
3393 Edit /etc/login.conf instead.])
3394 elif test "x$withval" != "xno" ; then
3395 if test ! -z "$external_path_file" ; then
3396 AC_MSG_WARN([
3397 --with-default-path=PATH will only be used if PATH is not defined in
3398 $external_path_file .])
3399 fi
3400 user_path="$withval"
3401 SERVER_PATH_MSG="$withval"
3402 fi
3403 ],
3404 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3405 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
3406 else
3407 if test ! -z "$external_path_file" ; then
3408 AC_MSG_WARN([
3409 If PATH is defined in $external_path_file, ensure the path to scp is included,
3410 otherwise scp will not work.])
3411 fi
3412 AC_RUN_IFELSE(
3413 [AC_LANG_SOURCE([[
3414 /* find out what STDPATH is */
3415 #include <stdio.h>
3416 #ifdef HAVE_PATHS_H
3417 # include <paths.h>
3418 #endif
3419 #ifndef _PATH_STDPATH
3420 # ifdef _PATH_USERPATH /* Irix */
3421 # define _PATH_STDPATH _PATH_USERPATH
3422 # else
3423 # define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3424 # endif
3425 #endif
3426 #include <sys/types.h>
3427 #include <sys/stat.h>
3428 #include <fcntl.h>
3429 #define DATA "conftest.stdpath"
3431 main()
3432 {
3433 FILE *fd;
3434 int rc;
3436 fd = fopen(DATA,"w");
3437 if(fd == NULL)
3438 exit(1);
3440 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3441 exit(1);
3443 exit(0);
3444 }
3445 ]])],
3446 [ user_path=`cat conftest.stdpath` ],
3447 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3448 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3449 )
3450 # make sure $bindir is in USER_PATH so scp will work
3451 t_bindir=`eval echo ${bindir}`
3452 case $t_bindir in
3453 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3454 esac
3455 case $t_bindir in
3456 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3457 esac
3458 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3459 if test $? -ne 0 ; then
3460 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3461 if test $? -ne 0 ; then
3462 user_path=$user_path:$t_bindir
3463 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3464 fi
3465 fi
3466 fi ]
3467 )
3468 if test "x$external_path_file" != "x/etc/login.conf" ; then
3469 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
3470 AC_SUBST(user_path)
3471 fi
3473 # Set superuser path separately to user path
3474 AC_ARG_WITH(superuser-path,
3475 [ --with-superuser-path= Specify different path for super-user],
3476 [
3477 if test -n "$withval" && test "x$withval" != "xno" && \
3478 test "x${withval}" != "xyes"; then
3479 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3480 [Define if you want a different $PATH
3481 for the superuser])
3482 superuser_path=$withval
3483 fi
3484 ]
3485 )
3488 AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
3489 IPV4_IN6_HACK_MSG="no"
3490 AC_ARG_WITH(4in6,
3491 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3492 [
3493 if test "x$withval" != "xno" ; then
3494 AC_MSG_RESULT(yes)
3495 AC_DEFINE(IPV4_IN_IPV6, 1,
3496 [Detect IPv4 in IPv6 mapped addresses
3497 and treat as IPv4])
3498 IPV4_IN6_HACK_MSG="yes"
3499 else
3500 AC_MSG_RESULT(no)
3501 fi
3502 ],[
3503 if test "x$inet6_default_4in6" = "xyes"; then
3504 AC_MSG_RESULT([yes (default)])
3505 AC_DEFINE(IPV4_IN_IPV6)
3506 IPV4_IN6_HACK_MSG="yes"
3507 else
3508 AC_MSG_RESULT([no (default)])
3509 fi
3510 ]
3511 )
3513 # Whether to enable BSD auth support
3514 BSD_AUTH_MSG=no
3515 AC_ARG_WITH(bsd-auth,
3516 [ --with-bsd-auth Enable BSD auth support],
3517 [
3518 if test "x$withval" != "xno" ; then
3519 AC_DEFINE(BSD_AUTH, 1,
3520 [Define if you have BSD auth support])
3521 BSD_AUTH_MSG=yes
3522 fi
3523 ]
3524 )
3526 # Where to place sshd.pid
3527 piddir=/var/run
3528 # make sure the directory exists
3529 if test ! -d $piddir ; then
3530 piddir=`eval echo ${sysconfdir}`
3531 case $piddir in
3532 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
3533 esac
3534 fi
3536 AC_ARG_WITH(pid-dir,
3537 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3538 [
3539 if test -n "$withval" && test "x$withval" != "xno" && \
3540 test "x${withval}" != "xyes"; then
3541 piddir=$withval
3542 if test ! -d $piddir ; then
3543 AC_MSG_WARN([** no $piddir directory on this system **])
3544 fi
3545 fi
3546 ]
3547 )
3549 AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3550 AC_SUBST(piddir)
3552 dnl allow user to disable some login recording features
3553 AC_ARG_ENABLE(lastlog,
3554 [ --disable-lastlog disable use of lastlog even if detected [no]],
3555 [
3556 if test "x$enableval" = "xno" ; then
3557 AC_DEFINE(DISABLE_LASTLOG)
3558 fi
3559 ]
3560 )
3561 AC_ARG_ENABLE(utmp,
3562 [ --disable-utmp disable use of utmp even if detected [no]],
3563 [
3564 if test "x$enableval" = "xno" ; then
3565 AC_DEFINE(DISABLE_UTMP)
3566 fi
3567 ]
3568 )
3569 AC_ARG_ENABLE(utmpx,
3570 [ --disable-utmpx disable use of utmpx even if detected [no]],
3571 [
3572 if test "x$enableval" = "xno" ; then
3573 AC_DEFINE(DISABLE_UTMPX, 1,
3574 [Define if you don't want to use utmpx])
3575 fi
3576 ]
3577 )
3578 AC_ARG_ENABLE(wtmp,
3579 [ --disable-wtmp disable use of wtmp even if detected [no]],
3580 [
3581 if test "x$enableval" = "xno" ; then
3582 AC_DEFINE(DISABLE_WTMP)
3583 fi
3584 ]
3585 )
3586 AC_ARG_ENABLE(wtmpx,
3587 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
3588 [
3589 if test "x$enableval" = "xno" ; then
3590 AC_DEFINE(DISABLE_WTMPX, 1,
3591 [Define if you don't want to use wtmpx])
3592 fi
3593 ]
3594 )
3595 AC_ARG_ENABLE(libutil,
3596 [ --disable-libutil disable use of libutil (login() etc.) [no]],
3597 [
3598 if test "x$enableval" = "xno" ; then
3599 AC_DEFINE(DISABLE_LOGIN)
3600 fi
3601 ]
3602 )
3603 AC_ARG_ENABLE(pututline,
3604 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
3605 [
3606 if test "x$enableval" = "xno" ; then
3607 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3608 [Define if you don't want to use pututline()
3609 etc. to write [uw]tmp])
3610 fi
3611 ]
3612 )
3613 AC_ARG_ENABLE(pututxline,
3614 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
3615 [
3616 if test "x$enableval" = "xno" ; then
3617 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3618 [Define if you don't want to use pututxline()
3619 etc. to write [uw]tmpx])
3620 fi
3621 ]
3622 )
3623 AC_ARG_WITH(lastlog,
3624 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3625 [
3626 if test "x$withval" = "xno" ; then
3627 AC_DEFINE(DISABLE_LASTLOG)
3628 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3629 conf_lastlog_location=$withval
3630 fi
3631 ]
3632 )
3634 dnl lastlog, [uw]tmpx? detection
3635 dnl NOTE: set the paths in the platform section to avoid the
3636 dnl need for command-line parameters
3637 dnl lastlog and [uw]tmp are subject to a file search if all else fails
3639 dnl lastlog detection
3640 dnl NOTE: the code itself will detect if lastlog is a directory
3641 AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3642 AC_TRY_COMPILE([
3643 #include <sys/types.h>
3644 #include <utmp.h>
3645 #ifdef HAVE_LASTLOG_H
3646 # include <lastlog.h>
3647 #endif
3648 #ifdef HAVE_PATHS_H
3649 # include <paths.h>
3650 #endif
3651 #ifdef HAVE_LOGIN_H
3652 # include <login.h>
3653 #endif
3654 ],
3655 [ char *lastlog = LASTLOG_FILE; ],
3656 [ AC_MSG_RESULT(yes) ],
3657 [
3658 AC_MSG_RESULT(no)
3659 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3660 AC_TRY_COMPILE([
3661 #include <sys/types.h>
3662 #include <utmp.h>
3663 #ifdef HAVE_LASTLOG_H
3664 # include <lastlog.h>
3665 #endif
3666 #ifdef HAVE_PATHS_H
3667 # include <paths.h>
3668 #endif
3669 ],
3670 [ char *lastlog = _PATH_LASTLOG; ],
3671 [ AC_MSG_RESULT(yes) ],
3672 [
3673 AC_MSG_RESULT(no)
3674 system_lastlog_path=no
3675 ])
3676 ]
3677 )
3679 if test -z "$conf_lastlog_location"; then
3680 if test x"$system_lastlog_path" = x"no" ; then
3681 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
3682 if (test -d "$f" || test -f "$f") ; then
3683 conf_lastlog_location=$f
3684 fi
3685 done
3686 if test -z "$conf_lastlog_location"; then
3687 AC_MSG_WARN([** Cannot find lastlog **])
3688 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
3689 fi
3690 fi
3691 fi
3693 if test -n "$conf_lastlog_location"; then
3694 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3695 [Define if you want to specify the path to your lastlog file])
3696 fi
3698 dnl utmp detection
3699 AC_MSG_CHECKING([if your system defines UTMP_FILE])
3700 AC_TRY_COMPILE([
3701 #include <sys/types.h>
3702 #include <utmp.h>
3703 #ifdef HAVE_PATHS_H
3704 # include <paths.h>
3705 #endif
3706 ],
3707 [ char *utmp = UTMP_FILE; ],
3708 [ AC_MSG_RESULT(yes) ],
3709 [ AC_MSG_RESULT(no)
3710 system_utmp_path=no ]
3711 )
3712 if test -z "$conf_utmp_location"; then
3713 if test x"$system_utmp_path" = x"no" ; then
3714 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3715 if test -f $f ; then
3716 conf_utmp_location=$f
3717 fi
3718 done
3719 if test -z "$conf_utmp_location"; then
3720 AC_DEFINE(DISABLE_UTMP)
3721 fi
3722 fi
3723 fi
3724 if test -n "$conf_utmp_location"; then
3725 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3726 [Define if you want to specify the path to your utmp file])
3727 fi
3729 dnl wtmp detection
3730 AC_MSG_CHECKING([if your system defines WTMP_FILE])
3731 AC_TRY_COMPILE([
3732 #include <sys/types.h>
3733 #include <utmp.h>
3734 #ifdef HAVE_PATHS_H
3735 # include <paths.h>
3736 #endif
3737 ],
3738 [ char *wtmp = WTMP_FILE; ],
3739 [ AC_MSG_RESULT(yes) ],
3740 [ AC_MSG_RESULT(no)
3741 system_wtmp_path=no ]
3742 )
3743 if test -z "$conf_wtmp_location"; then
3744 if test x"$system_wtmp_path" = x"no" ; then
3745 for f in /usr/adm/wtmp /var/log/wtmp; do
3746 if test -f $f ; then
3747 conf_wtmp_location=$f
3748 fi
3749 done
3750 if test -z "$conf_wtmp_location"; then
3751 AC_DEFINE(DISABLE_WTMP)
3752 fi
3753 fi
3754 fi
3755 if test -n "$conf_wtmp_location"; then
3756 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3757 [Define if you want to specify the path to your wtmp file])
3758 fi
3761 dnl utmpx detection - I don't know any system so perverse as to require
3762 dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3763 dnl there, though.
3764 AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3765 AC_TRY_COMPILE([
3766 #include <sys/types.h>
3767 #include <utmp.h>
3768 #ifdef HAVE_UTMPX_H
3769 #include <utmpx.h>
3770 #endif
3771 #ifdef HAVE_PATHS_H
3772 # include <paths.h>
3773 #endif
3774 ],
3775 [ char *utmpx = UTMPX_FILE; ],
3776 [ AC_MSG_RESULT(yes) ],
3777 [ AC_MSG_RESULT(no)
3778 system_utmpx_path=no ]
3779 )
3780 if test -z "$conf_utmpx_location"; then
3781 if test x"$system_utmpx_path" = x"no" ; then
3782 AC_DEFINE(DISABLE_UTMPX)
3783 fi
3784 else
3785 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3786 [Define if you want to specify the path to your utmpx file])
3787 fi
3789 dnl wtmpx detection
3790 AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3791 AC_TRY_COMPILE([
3792 #include <sys/types.h>
3793 #include <utmp.h>
3794 #ifdef HAVE_UTMPX_H
3795 #include <utmpx.h>
3796 #endif
3797 #ifdef HAVE_PATHS_H
3798 # include <paths.h>
3799 #endif
3800 ],
3801 [ char *wtmpx = WTMPX_FILE; ],
3802 [ AC_MSG_RESULT(yes) ],
3803 [ AC_MSG_RESULT(no)
3804 system_wtmpx_path=no ]
3805 )
3806 if test -z "$conf_wtmpx_location"; then
3807 if test x"$system_wtmpx_path" = x"no" ; then
3808 AC_DEFINE(DISABLE_WTMPX)
3809 fi
3810 else
3811 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3812 [Define if you want to specify the path to your wtmpx file])
3813 fi
3816 if test ! -z "$blibpath" ; then
3817 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3818 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3819 fi
3821 dnl remove pam and dl because they are in $LIBPAM
3822 if test "$PAM_MSG" = yes ; then
3823 LIBS=`echo $LIBS | sed 's/-lpam //'`
3824 fi
3825 if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3826 LIBS=`echo $LIBS | sed 's/-ldl //'`
3827 fi
3829 dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3830 dnl Add now.
3831 CFLAGS="$CFLAGS $werror_flags"
3833 AC_EXEEXT
3834 AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3835 openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh])
3836 AC_OUTPUT
3838 # Print summary of options
3840 # Someone please show me a better way :)
3841 A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3842 B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3843 C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3844 D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
3845 E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
3846 F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
3847 G=`eval echo ${piddir}` ; G=`eval echo ${G}`
3848 H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3849 I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3850 J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3852 echo ""
3853 echo "OpenSSH has been configured with the following options:"
3854 echo " User binaries: $B"
3855 echo " System binaries: $C"
3856 echo " Configuration files: $D"
3857 echo " Askpass program: $E"
3858 echo " Manual pages: $F"
3859 echo " PID file: $G"
3860 echo " Privilege separation chroot path: $H"
3861 if test "x$external_path_file" = "x/etc/login.conf" ; then
3862 echo " At runtime, sshd will use the path defined in $external_path_file"
3863 echo " Make sure the path to scp is present, otherwise scp will not work"
3864 else
3865 echo " sshd default user PATH: $I"
3866 if test ! -z "$external_path_file"; then
3867 echo " (If PATH is set in $external_path_file it will be used instead. If"
3868 echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3869 fi
3870 fi
3871 if test ! -z "$superuser_path" ; then
3872 echo " sshd superuser user PATH: $J"
3873 fi
3874 echo " Manpage format: $MANTYPE"
3875 echo " PAM support: $PAM_MSG"
3876 echo " KerberosV support: $KRB5_MSG"
3877 echo " SELinux support: $SELINUX_MSG"
3878 echo " Smartcard support: $SCARD_MSG"
3879 echo " S/KEY support: $SKEY_MSG"
3880 echo " TCP Wrappers support: $TCPW_MSG"
3881 echo " MD5 password support: $MD5_MSG"
3882 echo " libedit support: $LIBEDIT_MSG"
3883 echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
3884 echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3885 echo " BSD Auth support: $BSD_AUTH_MSG"
3886 echo " Random number source: $RAND_MSG"
3887 if test ! -z "$USE_RAND_HELPER" ; then
3888 echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3889 fi
3891 echo ""
3893 echo " Host: ${host}"
3894 echo " Compiler: ${CC}"
3895 echo " Compiler flags: ${CFLAGS}"
3896 echo "Preprocessor flags: ${CPPFLAGS}"
3897 echo " Linker flags: ${LDFLAGS}"
3898 echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
3900 echo ""
3902 if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
3903 echo "SVR4 style packages are supported with \"make package\""
3904 echo ""
3905 fi
3907 if test "x$PAM_MSG" = "xyes" ; then
3908 echo "PAM is enabled. You may need to install a PAM control file "
3909 echo "for sshd, otherwise password authentication may fail. "
3910 echo "Example PAM control files can be found in the contrib/ "
3911 echo "subdirectory"
3912 echo ""
3913 fi
3915 if test ! -z "$RAND_HELPER_CMDHASH" ; then
3916 echo "WARNING: you are using the builtin random number collection "
3917 echo "service. Please read WARNING.RNG and request that your OS "
3918 echo "vendor includes kernel-based random number collection in "
3919 echo "future versions of your OS."
3920 echo ""
3921 fi
3923 if test ! -z "$NO_PEERCHECK" ; then
3924 echo "WARNING: the operating system that you are using does not "
3925 echo "appear to support either the getpeereid() API nor the "
3926 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3927 echo "enforce security checks to prevent unauthorised connections to "
3928 echo "ssh-agent. Their absence increases the risk that a malicious "
3929 echo "user can connect to your agent. "
3930 echo ""
3931 fi
3933 if test "$AUDIT_MODULE" = "bsm" ; then
3934 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3935 echo "See the Solaris section in README.platform for details."
3936 fi